We are official members to

web technology training in Mumbai 2 web technology training in Mumbai 2 web technology training in Mumbai 4


Web Security Workshop



Work shop contents are excellent and apt to the industry requirements. Today Internet has many threats, securing it is an Integral part of development.
Shanti Motwani , Vice President - Operations , Accenture

Today security is as much important as development. Developing unsecured code is very expensive in maintenance. I appreciate prof Rocky Jagtiani Information security workshop.
Tarik Sheth , Project Manager , Morgan Stanley

Security is most important feature in E commerce and banking sites. Any lapse in it can cost the organisation its reputation. Irrespective of the technology , knowing security features is important.
Manish Lamba , Finance Manager , Edelweiss ( Investment Company )


Course Contents

A. Basics:
  1. Security Terminology - Asset,Risk,Exploit,Vulnerability,Threat and Threat Agent.
  2. Security concepts
    C-I-A-N --> Confidentiality-Integrity-Availability-Nonrepudiation.
  3. What is hacking ?
  4. Types of Hacking
B. Password Hacking
  1. Definition : password , cryptography , encryption
  2. Methods to hack password Brute Force attack
    Project 1 : Code brute force tool using HTML – PHP
    Sniffing - best tool for packet sniffing wireshark.org

    Social Engineering

    Spoofing or Masquerading

    Project 2 : lets Code a look-alike Gmail page and spoof a friends account LIVE using HTML-Js-PHP
C: Email Hacking
  1. Phishing attack
  2. Password Stealing for mail Accounts
  3. Cookie Stealing
D. Web Application (or Site) attack

5 Different Ways to attack a Site
  1. Injection Attacks
    Project 3 :Perform SQL Injection attack.

    Project 4 :Perform Browser Injection by changing the product ID on a E commerce Site.

  2. PHP Remote File Includes
    Project 5 : Code a simple HTML page. Use <?php include("header.php"); ?> to include an Image. Try changing the header file , see the o/p.

  3. Cross Site Scripting (XSS)
    Project 6 : Code a simple chat engine. Try using an <iframe> tag to display some other site / to run some malicious script.

  4. Cross Site Request Forgeries (CSRF)

  5. Insecure Communication - Understanding Man in The Middle attack

Note : We would discuss prevention of each type of attack with implementation

E. Methods for Encrypting Data before transmission / storing
  1. convert_uuencode() and convert_uudecode()
  2. crypt() for DES , MD5 , SHA and BlowFish
  3. Hash functions
  4. Concept of generating a digital signature for a file before transmission

F. Resources required during the Workshop :
  1. 1> Download Notepadd++
  2. 2> Download XAMPP ( For Running PHP )
  3. 3> Youtube Video - Steps To Install Xampp and Test a PHP Code
  4. 4> Download eNotes

Course Highlights

  1. 1. Comprehensive study material
  2. 2. Participation certificate issued by Suven Consultants & Technology Pvt ltd.
  3. 3. All concepts supported with Live demonstrations
  4. 4. Work shop includes coding of 7 projects demonstrated live in the class

Fees : Rs 990/- Only





Work shop contents are excellent and apt to the industry requirements. Today Internet has many threats, securing it is an Integral part of development.
Shanti Motwani , Vice President - Operations , Accenture

Today security is as much important as development. Developing unsecured code is very expensive in maintenance. I appreciate prof Rocky Jagtiani Information security workshop.
Tarik Sheth , Project Manager , Morgan Stanley

Security is most important feature in E commerce and banking sites. Any lapse in it can cost the organisation its reputation. Irrespective of the technology , knowing security features is important.
Manish Lamba , Finance Manager , Edelweiss ( Investment Company )


Benefits

  1. 1. Complete Knowledge of system security based on MU subjects like Information And System Security for CM , IT and EXTC students.
  2. 2. Branch Relevant Work shop certifications improve your Resume.
  3. 3. Increase Probability of cracking ON-Campus technical Interviews
  4. 4. Basis for High End Certification in IS and Ethical Hacking.