2. Basics of Application Security
• HTTP and HTTPS
• Symmetric key
• Asymmetric key
• Session key
• Analyzing a certificate
• Sniffing HTTP and HTTPS
• Calomel plugin
1/1/2013 99X Technology(c) 2
3. Basics of Application Security
• Man in the middle
• Analyzing browser requests
• Analyzing server response
• HTTPS communication
• HTTPS and S-HTTP
4. Basics of Application Security
• What OWASP does
• Builders, Breakers and Defenders
5. Web Application penetration testing
• Basic web testing methodology
• Vulnerability, Threat and Exploit
• Developer level application security overview - Asanka
6. Web Application penetration testing
• Application Security frameworks
• Before development begins
• During definition and design
• During development
• During deployment
• Maintenance and operations
12. Secure Authentication
• Parameter tampering
• Bypass HTML Field restrictions
• Exploit hidden fields
• Bypass client side JavaScript validation
• Coding controls for Parameter Tampering
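Added example, not from the original slides: the coding control for parameter tampering, shown in Python against a constructed checkout form. A hidden price field and a quantity that client-side JavaScript limited are both edited in an intercepting proxy; the weak handler trusts them, the hardened one re-derives the price from a server-side catalogue and repeats the range check. The catalogue, SKUs, prices and form fields are assumptions made up for the demonstration.

```python
from decimal import Decimal

# Constructed server-side catalogue (assumed data): the only trusted source of prices and limits.
CATALOGUE = {
    "SKU-100": {"name": "Laptop", "price": Decimal("999.00"), "max_qty": 5},
    "SKU-200": {"name": "Mouse", "price": Decimal("19.50"), "max_qty": 20},
}


class TamperingError(ValueError):
    """Raised when a submitted form fails server-side validation."""


def vulnerable_checkout(form):
    """Weak pattern: trusts the hidden 'price' field and the quantity that
    client-side JavaScript was supposed to limit. Both are under the user's control."""
    qty = int(form["qty"])
    price = Decimal(form["price"])
    return price * qty


def secure_checkout(form):
    """Coding control: every security-relevant value is re-derived or re-checked
    on the server; hidden fields and JavaScript checks are treated as hints only."""
    item = CATALOGUE.get(form.get("sku"))
    if item is None:
        raise TamperingError("unknown sku")
    try:
        qty = int(form.get("qty", ""))
    except ValueError:
        raise TamperingError("qty is not an integer") from None
    # Repeat the restriction the HTML field and JavaScript enforced (1..max_qty).
    if not 1 <= qty <= item["max_qty"]:
        raise TamperingError("qty out of range")
    # The client-supplied price is ignored entirely; the catalogue price is used.
    return item["price"] * qty


def is_rejected(form):
    """True when secure_checkout refuses the form."""
    try:
        secure_checkout(form)
    except TamperingError:
        return True
    return False


# Constructed requests: a legitimate order and a copy in which the hidden price
# and the JavaScript-limited quantity were edited in an intercepting proxy.
LEGIT = {"sku": "SKU-100", "qty": "1", "price": "999.00"}
TAMPERED = {"sku": "SKU-100", "qty": "50", "price": "0.01"}

if __name__ == "__main__":
    print("vulnerable total for tampered order:", vulnerable_checkout(TAMPERED))
    print("secure total for legitimate order:", secure_checkout(LEGIT))
    print("tampered order rejected:", is_rejected(TAMPERED))
```

The point of the hardened version is not the specific checks but where they run: anything the browser enforced (maxlength, min/max, a hidden field, an onsubmit handler) has to be enforced again by code the attacker cannot edit.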
13. Secure Authentication
• Access control flaws
• Using an Access control matrix
• Bypass a path based access control scheme
• Bypass data layer access control
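Added example, not from the original slides: an access control matrix applied to request paths, the path-based bypass that dot segments (plain or URL-encoded) give against a naive prefix check, and the data-layer control that puts ownership into the query itself. The roles, paths, invoice table and users are constructed for the demonstration.

```python
import posixpath
import sqlite3
from urllib.parse import unquote

# Constructed access control matrix (assumed data): role -> allowed (HTTP method, path prefix) pairs.
ACL = {
    "user":  {("GET", "/public/"), ("GET", "/account/")},
    "admin": {("GET", "/public/"), ("GET", "/account/"),
              ("GET", "/admin/"), ("POST", "/admin/")},
}


def naive_is_allowed(role, method, path):
    """Path based scheme that checks the raw request path. A dot segment or an
    encoded dot segment passes the prefix test and still resolves to /admin/."""
    return any(method == m and path.startswith(prefix) for m, prefix in ACL[role])


def is_allowed(role, method, path):
    """Decode and canonicalise the path the same way the application will
    resolve it, then apply the matrix to the canonical form."""
    canonical = posixpath.normpath("/" + unquote(path).lstrip("/"))
    probe = canonical + "/"          # so '/admin' and '/admin/x' both match '/admin/'
    return any(method == m and probe.startswith(prefix) for m, prefix in ACL.get(role, ()))


def setup_db():
    """Constructed invoice table with two owners."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE invoices (id INTEGER PRIMARY KEY, owner TEXT, amount INTEGER)")
    db.executemany("INSERT INTO invoices VALUES (?, ?, ?)",
                   [(1, "alice", 120), (2, "bob", 75)])
    return db


def fetch_invoice_insecure(db, invoice_id):
    """Data layer with no access control: any authenticated user who guesses an
    id reads someone else's invoice, whatever the URL-level check said."""
    return db.execute("SELECT amount FROM invoices WHERE id = ?", (invoice_id,)).fetchone()


def fetch_invoice(db, current_user, invoice_id):
    """Ownership is part of the query, so the data layer enforces the control."""
    return db.execute("SELECT amount FROM invoices WHERE id = ? AND owner = ?",
                      (invoice_id, current_user)).fetchone()


if __name__ == "__main__":
    for path in ("/public/../admin/users", "/public/%2e%2e/admin/"):
        print(path, "naive:", naive_is_allowed("user", "GET", path),
              "canonical:", is_allowed("user", "GET", path))
    db = setup_db()
    print("bob's invoice via unscoped query, as alice:", fetch_invoice_insecure(db, 2))
    print("bob's invoice via owner-scoped query, as alice:", fetch_invoice(db, "alice", 2))
```

Two habits fall out of this: the authorisation decision must be made on the canonical form of the request (after decoding and normalisation, which is what the server will act on), and a URL-level check is not a substitute for a check at the data layer, because the same record is usually reachable by more than one path.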
14. Injections
• SQL injection classes
• In band
• Out of band
• Inferential
15. Injections
• Techniques to exploit SQL injection
• Union operator
• Boolean
• Error based
• Out of band
• Time delay
16. Injections
• Standard SQL injection testing
• SELECT * FROM Users WHERE Username='$username' AND Password='$password'
• Numeric SQL injection
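Added example, not from the original slides, covering the exploitation techniques listed above (union, boolean inference) and the login query on this slide. The query is run through SQLite from Python, first built by string concatenation as on the slide and then with bound parameters; a numeric injection against an unquoted id and a boolean-based (inferential) extraction of a password one character at a time are shown on the same table. The Users rows and the plaintext passwords are constructed for the demonstration; SQLite has no sleep function, so the time-delay technique is not shown.

```python
import sqlite3
import string


def setup_db():
    """Constructed sample database (assumed data): two users with plaintext
    passwords, kept plaintext only to keep the example short."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Users (id INTEGER PRIMARY KEY, Username TEXT, Password TEXT)")
    db.executemany("INSERT INTO Users (Username, Password) VALUES (?, ?)",
                   [("admin", "S3cret!"), ("alice", "wonderland")])
    return db


def login_vulnerable(db, username, password):
    """The query from the slide, built by string concatenation: the input is
    parsed as SQL, so a quote and a comment marker end the WHERE clause early."""
    sql = ("SELECT * FROM Users WHERE Username='" + username +
           "' AND Password='" + password + "'")
    return db.execute(sql).fetchone()


def login_safe(db, username, password):
    """Same query with bound parameters: the input is only ever data."""
    sql = "SELECT * FROM Users WHERE Username=? AND Password=?"
    return db.execute(sql, (username, password)).fetchone()


def user_by_id_vulnerable(db, user_id):
    """Numeric injection: there are no quotes to break out of, so 'OR 1=1' or a
    UNION appended to the number is enough."""
    return db.execute("SELECT Username FROM Users WHERE id=" + str(user_id)).fetchall()


def boolean_oracle(db, username, condition):
    """Inferential probe: the page reveals only whether the login query matched
    a row, and the attacker smuggles a yes/no question into the username."""
    return login_vulnerable(db, username + "' AND " + condition + "-- ", "x") is not None


ALPHABET = string.ascii_letters + string.digits + "!"


def extract_password(db, username, alphabet=ALPHABET, max_len=32):
    """Recover a password one character at a time through the boolean oracle."""
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            cond = "substr(Password,%d,1)='%s'" % (pos, ch)
            if boolean_oracle(db, username, cond):
                recovered += ch
                break
        else:
            return recovered          # no character matched: end of the string
    return recovered


if __name__ == "__main__":
    db = setup_db()
    print("bypass:", login_vulnerable(db, "admin'-- ", "anything"))
    print("parameterised:", login_safe(db, "admin'-- ", "anything"))
    print("numeric:", user_by_id_vulnerable(db, "1 OR 1=1"))
    print("union:", user_by_id_vulnerable(db, "0 UNION ALL SELECT Password FROM Users"))
    print("inferred:", extract_password(db, "admin"))
```

The bypass string is `admin'-- ` rather than the often-quoted `' OR '1'='1`: with this query the latter binds as `Username='' OR ('1'='1' AND Password='')`, which still requires an empty password, so commenting the rest of the clause out is the reliable form.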
24. Session Management
• Check your cookies
• Cookie collection
• Cookie reverse engineering
• Cookie manipulation
• Hijack a session
• Spoof an authentication cookie
• Session fixation
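Added example, not from the original slides: cookie reverse engineering and spoofing against an unsigned base64 cookie, the HMAC-signed cookie that defeats the manipulation, and the login-time session id regeneration that closes session fixation. The cookie format, the server key and the session store are assumptions constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # assumed per-deployment secret, generated here


def naive_cookie(user, role):
    """Unsigned, reversible cookie: base64 of 'user:role'. Easy to decode,
    easy to rewrite with a different role."""
    return base64.b64encode(f"{user}:{role}".encode()).decode()


def naive_parse(cookie):
    user, role = base64.b64decode(cookie).decode().split(":", 1)
    return user, role


def spoof_naive_cookie(cookie):
    """What the attacker does once the format is reverse engineered."""
    user, _ = naive_parse(cookie)
    return naive_cookie(user, "admin")


def signed_cookie(user, role, key=SERVER_KEY):
    """Same payload plus an HMAC over it; only the server can produce the tag."""
    payload = base64.urlsafe_b64encode(f"{user}:{role}".encode()).decode()
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return payload + "." + tag


def verify_signed_cookie(cookie, key=SERVER_KEY):
    """Returns (user, role) or None. The tag is checked in constant time
    before the payload is trusted."""
    try:
        payload, tag = cookie.rsplit(".", 1)
    except ValueError:
        return None
    expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None
    user, role = base64.urlsafe_b64decode(payload).decode().split(":", 1)
    return user, role


class SessionStore:
    """Minimal server-side session store to show the fixation defence."""

    def __init__(self):
        self.sessions = {}

    def new_session(self):
        sid = secrets.token_urlsafe(32)          # unpredictable id
        self.sessions[sid] = {"user": None}
        return sid

    def login_fixation_prone(self, sid, user):
        """Keeps the pre-authentication id: an attacker who planted it now owns
        an authenticated session."""
        self.sessions[sid]["user"] = user
        return sid

    def login(self, sid, user):
        """Invalidates the pre-authentication id and issues a fresh one."""
        self.sessions.pop(sid, None)
        new_sid = self.new_session()
        self.sessions[new_sid]["user"] = user
        return new_sid


if __name__ == "__main__":
    c = naive_cookie("alice", "user")
    print("spoofed:", naive_parse(spoof_naive_cookie(c)))
    sc = signed_cookie("alice", "user")
    print("verified:", verify_signed_cookie(sc))
    store = SessionStore()
    planted = store.new_session()
    print("fixation kept id:", store.login_fixation_prone(planted, "alice") == planted)
    planted2 = store.new_session()
    print("regenerated:", store.login(planted2, "alice") != planted2)
```

Signing stops manipulation but not replay: a stolen signed cookie still hijacks the session, so it still needs Secure and HttpOnly flags, a short lifetime and server-side revocation.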
25. Session Management
• How developers work on session handling
26. Code Quality
• Code quality breach
• Discover clues in the HTML
27. Cross Site Scripting
• Scripting types
• Reflected cross site scripting (non-persistent XSS)
• Stored cross site scripting (second-order XSS)
• DOM based cross site scripting (type 0 XSS)
28. Cross Site Scripting
• Reflected cross site scripting (non-persistent XSS)
• Testing for reflected XSS
• Reflected XSS
29. Cross Site Scripting
• Bypass XSS filters
• Tag Attribute Value
• Different syntax or encoding
• Bypassing non-recursive filtering
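Added example, not from the original slides, serving the reflected XSS test on the previous slide and the filter bypasses on this one. A search term is reflected into a page unescaped and then with HTML output encoding; a blacklist filter that strips `<script>` tags in a single pass is bypassed by nesting, the recursive version survives that, and both are bypassed by a payload that uses an event-handler attribute instead of a script tag. The page fragment, filters and payloads are constructed for the demonstration; the filters are deliberately weak to show why encoding rather than blacklisting is the control.

```python
import html
import re


def reflect_vulnerable(query):
    """Reflected XSS: the search term is copied straight into the page."""
    return "<p>Results for: " + query + "</p>"


def reflect_escaped(query):
    """Output encoding for an HTML text context: the term can no longer
    open a tag or an attribute."""
    return "<p>Results for: " + html.escape(query, quote=True) + "</p>"


SCRIPT_TAG = re.compile(r"<script\b[^>]*>", re.IGNORECASE)


def filter_non_recursive(value):
    """Blacklist filter that strips '<script ...>' in one pass. Removing the
    inner tag from '<scr<script>ipt>' reassembles an outer one."""
    return SCRIPT_TAG.sub("", value)


def filter_recursive(value):
    """Same blacklist applied until the input stops changing."""
    while True:
        cleaned = SCRIPT_TAG.sub("", value)
        if cleaned == value:
            return cleaned
        value = cleaned


def contains_script(fragment):
    """Crude detector used only to show what each defence lets through."""
    return SCRIPT_TAG.search(fragment) is not None


# Constructed payloads for the three bypass classes on the slide.
PAYLOAD = "<script>alert(1)</script>"                 # plain reflected XSS probe
NESTED = "<scr<script>ipt>alert(1)</script>"          # non-recursive filter bypass
MIXED_CASE = "<ScRiPt src=//x>"                       # different syntax or encoding
ATTR = "<img src=x onerror=alert(1)>"                 # tag attribute value, no script tag

if __name__ == "__main__":
    print("reflected, unescaped:", contains_script(reflect_vulnerable(PAYLOAD)))
    print("reflected, escaped:  ", contains_script(reflect_escaped(PAYLOAD)))
    print("non-recursive filter:", filter_non_recursive(NESTED))
    print("recursive filter:    ", filter_recursive(NESTED))
    print("attribute payload after filter:", filter_recursive(ATTR))
    print("attribute payload escaped:     ", reflect_escaped(ATTR))
```

The recursive filter fixes one bypass and leaves the rest open; the blacklist has no notion of `onerror`, `javascript:` URLs or the attribute context at all. Encoding on output for the context the value lands in (text, attribute, URL, JavaScript) is the control that does not depend on guessing the attacker's syntax.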