Module 1: Security concepts
Module 2: Risk management
Module 3: Hackers attack phases
Module 4: Penetration testing
Module 5: Networking MitM attacks
Module 6: Overview of web technologies and frameworks
Module 7: Tools of the trade
Module 8: Bypassing client side controls
Module 9: Authentication attacks
Module 10: Design/implementation flaws
Module 11: Web application attacks: Injection (A1)
Module 12: Web application attacks: XSS/CSRF (A3/A8)
Module 13: Web application attacks: Broken authentication and session management (A2)
Module 14: Web application attacks: Insecure direct object references/Missing function level access control (A4/A7)
Module 15: Web application attacks: Security mis-configuration/Sensitive data exposure (A5/A6)
Module 16: Web application attacks: Unvalidated redirect and forwards (A10)
Module 17: Logical flaws
The trainer always ensured me fully understand what he had taught and do not hesitate to repeat again if I am still not clear about it. He is committed to preparing more samples to show me to answer the extra questions from me.
Kenny, Jiun Ming Wee
Very knowledgeable and approachable trainer.
- Trainocate (S) Pte. Ltd.
I enjoyed the practical exercises. Hands-on is the best way to learn.
- W L Gore & Associates (UK) Ltd
Also provided a lot of curiously related interesting in some way with the subject
- EduBroker Sp. z o.o.
Security models, discussion of good programming practices, various types of attacks.