What to bring:
The students will be required to provide their own laptop with an Ethernet NIC.
The laptop should have a web browser installed.
Students MUST have a working network sniffer that can operate in promiscuous mode.
To ensure that students can participate throughout the class, all tools should be installed before attending.
No laptops or software are provided.
What we cover:
The purpose of this class is to educate security analysts and quality assurance personnel in the common methods used to gain or escalate the privileges a user has to a web application deployed using Microsoft .NET technology. The class content covers everything from bypassing custom authentication systems and performing denial of service attacks to XML injections and breaking poorly implemented cryptographic protection measures. Although the class focuses on possible attacks and how to perform them to locate exposures within applications, it is also beneficial for network and application engineers to attend, because knowing how attacks are possible gives a valuable perspective on how to defend against and detect them. There will be a Web Service running in support of the .NET web application. This course is a must for developers and security experts working with these newer technologies.
Students will learn how to analyze web applications and develop plans of attack. The students will manually perform attacks on a given web application to teach the methodology and understanding behind attacks on web applications. After completing this course a student will have the ability to perform in-depth assessments of web applications and determine the risks that exist for exposures that are found. We teach a complete methodology from assessment to exploitation.
Students are required to provide their own laptop. The majority of the class consists of labs run from within a web browser. Students attending this class should be familiar with using a web browser. No experience with web penetration testing is required, although some labs may be challenging for those with no experience.
Students will be required to have a working network sniffer that can operate in promiscuous mode. Students will be connected to a server and each other via a wired Ethernet network. Free network sniffers are available on the Internet and should be downloaded and installed before attending the class.
Students will be given printed materials: the presentation, a lab manual, and a booklet containing the course content that the student can use as a reference during real-world testing as needed.
Students should expect minimal lecture and extensive step-by-step hands-on lab training. Participation in the labs is required and students must bring a laptop with a web browser installed. Students will be present on an active network with other students. It is forbidden to attempt to exploit your fellow students. No network activity outside the labs is allowed without the express permission of the instructor. The student next to you is not a target.
Course Length: 2 days
Cost: US $1700 before July 1, 2004 or US $1900 after July 1, 2004
NOTE: this is a two day course. A Certificate of Completion will be offered.
Drew Miller has been a software engineer for more than ten years. Drew has worked at many levels of software development, from embedded operating systems, device drivers and file systems at Datalight Inc. to consumer and enterprise networking products such as Laplink’s PCSync and Cenzic’s Hailstorm. Drew’s experience with many software genres combined with his passion for security give him a detailed perspective on security issues in a wide variety of software products.
Drew’s latest projects were assisting in the design and development of two security courses for Hewlett-Packard at the Hewlett-Packard Security Services Center. One course is aimed at educating quality assurance personnel and the other at educating developers in the exposures that exist in present-day network applications and how to avoid them. Drew is currently an instructor for Black Hat Training, Inc.
Joshua Betts is an experienced web and VB consultant. He has assisted in the development and deployment of web applications for companies. Recently his research has focused on infrastructure and application vulnerabilities. Joshua is currently a consultant for Black Hat Training, Inc.