Web Security Workshop
Course Contents
A. Basics:
- Security Terminology - Asset,Risk,Exploit,Vulnerability,Threat and Threat Agent.
- Security concepts
C-I-A-N --> Confidentiality-Integrity-Availability-Nonrepudiation. - What is hacking ?
- Types of Hacking
B. Password Hacking
- Definition : password , cryptography , encryption
- Methods to hack password
Brute Force attack
Project 1 : Code brute force tool using HTML – PHP
Sniffing - best tool for packet sniffing wireshark.org
Social Engineering
Spoofing or Masquerading
Project 2 : lets Code a look-alike Gmail page and spoof a friends account LIVE using HTML-Js-PHP
C: Email Hacking
- Phishing attack
- Password Stealing for mail Accounts
- Cookie Stealing
D. Web Application (or Site) attack
5 Different Ways to attack a Site
5 Different Ways to attack a Site
- Injection Attacks
Project 3 :Perform SQL Injection attack.
Project 4 :Perform Browser Injection by changing the product ID on a E commerce Site. - PHP Remote File Includes
Project 5 : Code a simple HTML page. Use <?php include("header.php"); ?> to include an Image. Try changing the header file , see the o/p. - Cross Site Scripting (XSS)
Project 6 : Code a simple chat engine. Try using an <iframe> tag to display some other site / to run some malicious script. - Cross Site Request Forgeries (CSRF)
- Insecure Communication - Understanding Man in The Middle attack
E. Methods for Encrypting Data before transmission / storing
- convert_uuencode() and convert_uudecode()
- crypt() for DES , MD5 , SHA and BlowFish
- Hash functions
- Concept of generating a digital signature for a file before transmission
F. Resources required during the Workshop :
- 1> Download Notepadd++
- 2> Download XAMPP ( For Running PHP )
- 3> Youtube Video - Steps To Install Xampp and Test a PHP Code
- 4> Download eNotes
Course Highlights
- 1. Comprehensive study material
- 2. Participation certificate issued by Suven Consultants & Technology Pvt ltd.
- 3. All concepts supported with Live demonstrations
- 4. Work shop includes coding of 7 projects demonstrated live in the class
Fees : Rs 990/- Only
Benefits
- 1. Complete Knowledge of system security based on MU subjects like Information And System Security for CM , IT and EXTC students.
- 2. Branch Relevant Work shop certifications improve your Resume.
- 3. Increase Probability of cracking ON-Campus technical Interviews
- 4. Basis for High End Certification in IS and Ethical Hacking.