SQL Injection (SQLi) vulnerabilities are the most common injection flaws found in web applications today, ranking number one in the OWASP Top 10 most critical web application security risks. When an attacker is able to find and exploit such a vulnerability, the end result is often disastrous: a complete database download, an application backdoor, or even remote code execution. Suffice it to say that penetration testers need to find these vulnerabilities before the bad guys do.
But vulnerability scanners and automated exploitation tools like sqlmap can only do so much when it comes to finding and exploiting SQLi vulnerabilities. While they do a good job on regular or error-based SQLi vulnerabilities, their success rate drops drastically when blind SQLi is encountered, especially when time-based attacks are required. And if you need to be quiet on the network, most tools are just insanely noisy…
This course is designed to help penetration testers who have been using these tools to get to the next level, where finding and exploiting SQLi is no longer easy. When only a browser and notepad are available to you or when being quiet is critical, you will be glad you know this stuff.
1) SQL crash course for hackers
2) Error-based SQL Injection
- Bypassing login (demo)
- UNION exploitation techniques (exercise)
3) Blind SQL Injection
- Splitting and Balancing
- Boolean exploitation techniques (exercise)
- Time-based exploitation techniques (exercise)
4) Using tools
- Exploiting error-based and blind SQLi using sqlmap (exercise)

The Application Security Fundamentals is an in-depth, one-day course that teaches the foundational principles of application and product security. This course is aimed at beginners or those new to application security. In-class exercises are included throughout the day to generate interaction and discussion amongst students. The course is modular, and covers application security vocabulary, attacks and attackers, data breaches, business myths, the threat landscape, software supply chain, security culture and mindset, managing security resources, soft skills, secure development lifecycle, privacy, product incident response, and trusted knowledge sources.
Developing the Defensive Application Security Program
Creating your Websites and Web Applications inventory
Defining proper Software Security controls by Application Risk
Quick Test and Quick Wins with OWASP ZAP
Selecting and using proper Static Analysis tools
Finding insecure libraries using OWASP Dependency Check
Virtual Patching of legacy applications with Mod_Security
Applying Secure-Headers automatically
Detecting malicious behavior with OWASP AppSensor
Developing and presenting the Security Dashboard
The intended audience is very broad, from developers to managers and from beginners to advanced users.
The length is one day.
The students will receive the class syllabus and book.
This course is a summarized version of a six-month class taught in 3 courses at our university.
The trainer is a PhD student in Cyber-Security and professor at IFC (Catarinense Federal Institute), (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP), ISSECO® Certified Professional for Secure Software Engineering (CPSSE), ISO/IEC 27002 Foundation Certified, ISEB/ISTQB Certified Professional and ITIL F.
He has worked as a security consultant, implementing OWASP best practices for securing software at companies such as DELL, EDS (HP) and Elavon/US Bank.
He has published articles at international conferences and presented at OWASP AppSec Latam, FLISOL and RoadSec, among others.