دوره آموزشی تست نفوذ برنامه‌های تحت وب

این دوره ترکیبی از جلسات حضوری و آنلاین به مدت ۴۰ ساعت می‌باشد. ۳۲ ساعت جلسه آموزشی به صورت آنلاین و ۸ ساعت کارگاه‌ به صورت حضوری در محل دانشگاه فردوسی مشهد برگزار خواهد شد. علاوه بر این، شرکت‌کنندگان در این دوره با حل تمرین‌ها و وظایف تحویلی به ارتقاء مهارت‌های خود می‌پردازند و پس از اتمام دوره، و کسب امتیاز قبولی در آزمون نهایی، مدرک معتبری از طرف آزمایشگاه آپا دریافت می‌کنند.

پیش‌نیازهای دوره

آشنایی مقدماتی با کامپیوتر و اینترنت.


مخاطبان دوره

  • علاقه‌مندان به امنیت اطلاعات و تست نفوذ.

توانمندی‌های پس از دوره

  • آشنایی با مبانی امنیت وب
  • آشنایی با روش‌های مختلف تست نفوذ
  • آشنایی با استانداردهای امنیتی حوزه وب
  • آموزش عملی و کاربردی انواع روش‌های تست نفوذ

    هزینه دوره

    تومان ۲،۵۰۰،۰۰۰

  • مدرس دوره

    مهندس سجاد تقی‌نژاد
  • مهندس امنیت، کارشناس ارشد آزمایشگاه تخصصی آپا دانشگاه فردوسی مشهد

  • شروع کلاس‌ها

    چهارم اردیبهشت ماه ۱۴۰۳
 

زمان‌بندی کلاس‌ها



سرفصل‌های دوره


1.Introduction to bootcamp

Course Overview

Course Structure

Prerequisites

Course Objectives

Getting Started!

2. Operation System

Windows

Architecture

Mac

Linux

Learning Linux for Web Application Penetration Testing

3. Networking

Basic Computer Networking

Subnetting

Gateway

Terminologies

Protocols

4. Web Applications

Definition and Importance

Evolution of Web Applications

Common uses and Examples

Web Application Architecture

Frontend vs. Backend

Three-tier architecture

Fundamentals of Web Technologies

HTML, CSS, JavaScript: Basics and interactions

Client-server architecture

HTTP protocol: Understanding request-response cycle

HTTPS protocol

Common Web Application Technologies

Server-side scripting languages (e.g., PHP, Python, Asp)

Frameworks (e.g., Laravel, Django, .net)

Databases (e.g., MySQL, PostgreSQL, MongoDB)

Types of Web Applications

Static

Dynamic Web Applications

Single-Page Applications (SPAs)

Progressive Web Applications (PWAs)

E-Commerce Web Application

Portal Web Application

Content Management System (CMS) Web Application

Rich Internet Applications (RIA)

5. Introducing Penetration Testing

Overview of Penetration Testing

Penetration Testing Phases

Types of Penetration Testing

Key Concepts in Penetration Testing

Benefits of Penetration Testing

Challenges and Considerations

Roles and Responsibilities

Web Application Security Fundamentals

OWASP

OWASP Top 10 vulnerabilities

Security by design principles

Importance of secure coding practices

Case Studies and Examples

7. Tools

8.Setting Up Penetration Testing Environment

Understanding Penetration Testing Environment

Selecting and Installing Operating Systems

Installing Penetration Testing Tools

Setting Up Practice Environments

8. Penetration Testing

Security Misconfigurations

Default Accounts and Settings

Unnecessary services and ports

Insecure network configurations

Exposed sensitive data

Missing security headers

Lack of Proper Error Handling

Using Components with Known Vulnerabilities

Outdated Libraries or Frameworks

Unpatched Software

Vulnerable Plugins or Extensions

Unverified components

Improper Logging and Monitoring

Insufficient event logging

Unsecured log storage

Logging sensitive information

Log Injection

Broken Authentication

Weak or predictable passwords

Session hijacking

Session replay

Session timeout issues

Username enumeration

Poor credential management

Brute Force Attacks

Session Fixation

Insecure Password Storage

Insecure authentication protocols

Insecure password recovery mechanisms

Cross-Site Request Forgery (CSRF)

File Upload Vulnerabilities

Unrestricted File Upload

Improper file type validation

Malicious File Execution

Insufficient file size limits

Failure to sanitize file names

Lack of server-side validation

Insecure file permissions

Content validation bypass

Client-side vulnerabilities

Server-side code execution

Broken Cryptography

Insecure cryptographic protocols

Insecure key management

Weak Encryption Algorithms

Insecure cryptographic usage

Injection Vulnerabilities

SQL Injection (SQLi)

Classic

Blind

Error-Based

Union-Based

Time-Based

Command Injection

NoSQL Injection

Cross-Site Scripting (XSS)

Reflected XSS

Stored XSS

DOM-Based XSS

SSI Injection (Server-Side Includes)

OS Command Injection

Path Traversal (Directory Traversal)

XML Injection

Broken Access Control

Insecure Direct Object References (IDOR)

Missing Function Level Access Control

Insecure Access Control Methods

Insufficient Authorization Checks

Privilege Escalation

9. Information Gathering

Introduction to Information Gathering

importance

goals and objective

Passive Information Gathering Techniques

Publicly Available Information

WHOIS Lookup

DNS Enumeration

OSINT (Open Source Intelligence)

Active Information Gathering Techniques

Port Scanning

Service Enumeration

Vulnerability Scanning

Banner Grabbing

Brute Force Attacks

Information Gathering for Specific Vulnerabilities

Security Misconfigurations

Using Components with Known Vulnerabilities

Improper Logging and Monitoring

Broken Authentication

File Upload Vulnerabilities

Broken Cryptography

Injection Vulnerabilities

Broken Access Control

10. Legal and Ethical Considerations

Ensuring compliance with laws, regulations, and ethical guidelines when conducting information gathering activities

Understanding the boundaries of permissible information gathering and respecting privacy rights

11. Practice and Task

12. Exam