Web App & Wifi Security Training

Comprehensive Coverage of Web Application & WiFi Security

The course is focused on a comprehensive coverage of web application security. It will present security guidelines and considerations in web applications development. The participants will learn the basics of application security, how to enforce security on a web application, Basics of Threat Modeling, Threat Profiling, OWASP Top Ten Testing and Black Box Testing.

We will also cover security guidelines and considerations in wireless networking. The participants will learn the latest security standards, including all 802.1x/EAP types used in WLANs , how to locate and triangulate rogue access points and implement Wireless Intrusion Prevention Systems, assess the security of wireless networks using the same hacking tools the bad guys do.

Objectives of the course

Upon completion of this course, participants will be able to:

  • Understand the need for security
  • Understand the various security threats and countermeasures
  • Design and Develop secured web applications
  • Understand wireless standards & security architecture
  • Analyze the wireless protocol, and algorithmic flaws
  • Conduct penetration testing of wireless network
  • Understand Enterprise Security on wireless network

Duration

6 Weeks

Course Contents

  • Application Security Fundamentals
  • Recap on Application Development Technologies
  • Database Fundamental
  • Application Security Overview
  • OWASP Top 10
  • Attacks & Defense
    • A1-Injection
    • A2-Cross Site Scripting (XSS)
    • A3-Broken Authentication and Session Management
    • A4-Insecure Direct Object References
    • A5-Cross Site Request Forgery (CSRF)
    • A6-Security Misconfiguration
    • A7-Insecure Cryptographic Storage
    • A8-Failure to Restrict URL Access
    • A9-Insufficient Transport Layer Protection
    • A10-Unvalidated Redirects and Forwards
  • Proxy Based Attacks – Burp Suite
  • Wireless Technology Background
  • Risks of using Wireless Technologies
  • Current Wireless Security
  • Wireless Standards & Terminologies
  • Attack Taxonomy
  • Introduction 802.11 Standard
  • Features of 802.11 Standard
  • Packet types of 802.11 Standards
  • 802.11 Protocol Analysis
  • 802.11 authentication types
  • 802.11 Discovery
  • Understanding Software Requirements
  • Wireless Hardware and Drivers
  • Aircrack-ng Kungfu
  • Attacking Open Wireless Network
  • De-authenticating users
  • Hidden SSID – Security through Obscurity
  • Defeating MAC Filtering
  • WEP Cracking
  • Concept of IVs
  • WPA/WPA2 Cracking
  • Understanding PSK, TKIP, EAP, PEAP
  • Advanced Wireless Attack
  • Wireless security
    • EvilTwin Attack
    • SSL Man In The Middle Attacks
    • Securing 802.11 Networks
    • Wired Equivalent Privacy (WEP)
    • Adding extra layer of external security
    • Wireless IDS (WIDS) and Wireless IPS (WIPS)
    • Enterprise Level WiFi Security & Best Practices
    • BYOD Security Issues
    • MDM Security Solutions
    • Understanding 802.11i Security

Ethical Hacking Training

This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.

  • 6 Weeks Comprehensive Training
  • Built by Experienced Professionals
  • Regularly update on tools, techniques in course content