

PRESENTATION MATERIALS

           

Photos and videos from all talks will be uploaded in the next couple of weeks. Please follow @HITBSecConf on Twitter or join our Facebook Group

TECH TRAINING 3 – ADVANCED WEB HACKING – ATTACKS, EXPLOITS AND DEFENSE

TRAINERS: Shreeraj Shah (Founder/Director, Blueinfy) and Hemil Shah (Founder/Director, eSphere Security)

CAPACITY: 20 pax

SEATS LEFT: REGISTRATION CLOSED

DURATION: 2 days (8th & 9th April 2013)

COST (per pax): EUR1499 (early bird) / EUR1899 (non early-bird)

 

OVERVIEW

The introduction and adoption of new technologies like Ajax, RIA, HTML 5 and Web Services have changed the dimension of Web and Mobile Application Hacking. Several new hacking techniques are evolving, and hacking is migrating to a new dimension. Exploiting the browser/mobile stack and server-side injections are becoming common across applications. Cloud and Mobile are adding new attack surface to the application layer. It is imperative to learn these advanced attack vectors and their countermeasures.

The course is designed by the author of “Web Hacking: Attacks and Defense”, “Hacking Web Services” and “Web 2.0 Security – Defending Ajax, RIA and SOA”, bringing his experience in application security and research into the curriculum to address new challenges. Advanced Application Hacking is a hands-on class with the right tools. The class features real-life cases, hands-on exercises, new scanning tools and defense mechanisms. Participants will be methodically exposed to various attack vectors and exploits. The following broad areas will be covered in various sessions, along with hands-on work and tools.

ADVANCED APPLICATION ARCHITECTURE AND THREATS 

  • Application Architecture and Threats in era of HTML5/Web 2.0

  • Application Attack Surface and Scenarios

  • Technology trends and Threats in web and Mobile space

  • Web Protocols and Structures (JSON, XML, AMF, WCF, RPC etc.)

  • Ajax and RIA Components and understanding

  • Web 2.0/HTML5 Applications and Components

  • Understanding of HTML5, RIA and Silverlight Applications

  • Attack trends and threat models from HTML5 and Mobile perspective

ASSESSMENT AND HACKING METHODOLOGIES 

  • Application Assessment methodologies

  • Blackbox Vs. Whitebox – Picking the right one

  • Threat Modeling for Applications – HTML5/Mobile

  • Application Footprinting, Discoveries and Profiling with respect to new threats and architecture

INJECTION AND FUZZING STREAMS (ZERO KNOWLEDGE) 

  • Injections and Fuzzing with Web and AMF streams

  • SQL injection over XML and JSON

  • Blind SQL injections with Web Components

  • Detecting Injections and Tools

  • XML and XPATH injections

  • JavaScript and Command Injections

  • LDAP injection

  • AMF/WCF injections

  • Fuzzing and server side stream injections

  • Business logic flaws

  • Exploiting Injection points and tools

CLIENT SIDE HACKING

  • XSS and DOM based hacking

  • HTML 5 injections and script executions

  • CSRF and SOP bypass

  • ClickJacking

  • Mashup and Widget Hacking

  • RSS and Client side data poisoning

  • DOM based open redirects and forwards

  • Securing browser and client side components

  • CORS bypass

  • COR Jacking

  • DOM Hijacking

  • Web Messaging & Workers hacks

  • Geo-Location, Drag-Drop and API vectors

REVERSE ENGINEERING AND STATIC ANALYTICS

  • Analyzing Application code

  • Debugging JavaScript for vulnerabilities

  • Logic bypass and vulnerabilities

  • Reverse engineering Flash/Flex

  • Analyzing Silverlight driven applications

  • Dissecting HTML 5 applications

  • Mobile application and Web view engineering

WEB SERVICES, SOA AND CLOUD HACKING 

  • Cloud based application and architecture

  • Hacking SaaS

  • Open API abusing

  • Web Services Scanning and Assessment

  • Attacking Web Services and SOAP

  • XML and SOAP poisoning and Vulnerabilities

  • Filtering Web 2.0 traffic for security

  • REST based hacks

MOBILE LAYER APPLICATION HACKS AND ATTACKS 

  • Mobile interfaces and stack

  • Application architecture and business access

  • Android hacking and security

  • iPad and iPhone hacks and attacks

  • Mobile security and countermeasures

HANDS-ON AND CHALLENGES

  • Challenges for SQL Injection and XSS – Advanced Attack Vectors

  • Hacking web store application

  • Hacking Trading Application

  • Exploiting and Securing Applications

  • Tools – Proxies, Tracers, Debuggers, Fuzzers etc.

WHAT TO BRING / HARDWARE REQUIREMENTS

To participate in the hands-on exercises you will need to bring a Windows-based laptop.

  • OS : XP, Vista or Server family

  • Please install .NET framework

  • 1 GB RAM

  • All other tools will be provided

  • Laptop should be Wi-Fi enabled

Note: All concepts taught in this class are punctuated with hands-on exercises based on situations observed in real life. The class ends with a challenge exercise. Working within a limited time period, participants are expected to analyze the code, identify loopholes, exploit vulnerabilities present in the applications and suggest appropriate defense strategies.

ABOUT THE TRAINERS

Shreeraj Shah (Founder/Director, Blueinfy)

Shreeraj Shah, B.E., MSCS, MBA, is the founder of Blueinfy, a company that provides application security services. Prior to founding Blueinfy, he was founder and board member at Net Square. He also worked with Foundstone (McAfee), Chase Manhattan Bank and IBM in the security space. He is also the author of popular books like Hacking Web Services (Thomson 06) and Web Hacking: Attacks and Defense (Addison-Wesley 03). In addition, he has published several advisories, tools, and whitepapers, and has presented at numerous conferences including RSA, AusCERT, InfosecWorld (Misti), HackInTheBox, Blackhat, OSCON, Bellua, Syscan, ISACA etc. His articles are regularly published on Securityfocus, InformIT, DevX, O’Reilly and HNS. He has been quoted as an expert on BBC, Dark Reading and Bank Technology.

Hemil Shah (Founder/Director, eSphere Security)

Hemil Shah, CISSP, CSSLP, ACP, is the founder and Director of eSphere Security, a company that provides professional services in the security arena. He has worked with HBO, KPMG, IL&FS and Net-Square in the security space. He has published several advisories, tools, and whitepapers, and has presented at numerous conferences. Hemil is an expert in Mobile Application Security, Application Security, researching new methodologies and training designs. He has performed more than 1000 security consulting assignments in the areas of penetration testing, code reviews, web application assessments, security architecture reviews and mobile application security reviews.


Copyright © 2012 Hack In The Box | http://www.hackinthebox.org