7Safe Certified Security Testing Professional Training (CSTP)

7Safe Certified Security Testing Professional Training (CSTP)


7Safe Certified Security Testing Professional Training (CSTP) with hands-on labs

The 7Safe Certified Security Testing Professional Training (CSTP) course introduces delegates to the exploitation and security auditing of web applications. It also reinforces and develops techniques from CSTA. Web application vulnerabilities can pose serious problems to an organizations security. Many do not realize how much control an attacker can gain via a simple flaw in the security of a ublic-facing web application. The CSTP commands industry recognition and forms part of 7Safe’s ground-breaking Masters-level education program.

Customize It:

With onsite Training, courses can be scheduled on a date that is convenient for you, and because they can be scheduled at your location, you don’t incur travel costs and students won’t be away from home. Onsite classes can also be tailored to meet your needs. You might shorten a 5-day class into a 3-day class, or combine portions of several related courses into a single course, or have the instructor vary the emphasis of topics depending on your staff’s and site’s requirements.

7Safe Certified Security Testing Professional Training (CSTP)Related Courses:

Duration: 4 days

Skilled Gained:

• Review of professional penetration testing tools
• Further exercises against Windows and UNIX targets
• The Metasploit framework
• Web application security, including:
• SQL Injection
• Cross-site scripting (XSS)
• Cross-site request forgeries (CSRF)
• Threats to users

Course Content:

Infrastructure Penetration Testing
• Use of the Nikto web server scanner & Nessus
• Remote registry hacking & silent RAT installation
• Understand the Metasploit Framework, including the powerful Meterpreter payload

Hacking Web Applications
• Find & assess weaknesses in PHP & ASP.NET web applications
• Learn how you can use SQL injection to bypass authentication & reveal confidential information
• Gain SYSTEM level access to a web server hosting a poorly secured web application
• Learn what web application vulnerability scanners can and can’t do to map out weaknesses in web applications
• Practical injection techniques used to glean, manipulate & corrupt data
• Test and exploit web applications using HTTP request & response modification
• Launch attacks using an HTTP proxy
• Further attacks using extended stored procedures

Client-Side Attacks
• Discover the potential severity of the often underestimated XSS vulnerability
• Understand cross-site request forgeries
• Common browser & e-mail client hacking techniques used to target Internet users
• Attack a Windows XP Workstation
• Enhance attacks through e-mail spoofing
• Use XSS with session cookie theft to compromise a user’s online identity and steal confidential information
• Launch a web application dictionary attack
• Use Metasploit’s autopwn to automatically attack a user’s browser

Request More Information

Time Frame: 0-3 Months4-12 Months

No Comments Yet.

Leave a comment