Call : (+91) 99 8080 3767
Mail : info@EncartaLabs.com
EncartaLabs

Java Applications - Security Testing

( Duration: 3 Days )

Testing for security requires considerable software security expertise and a healthy level of paranoia, and this is what this course provides: strong engagement through many hands-on labs and stories from real life. This Java Applications - Security Testing training course goes through the common Web application security issues following the OWASP Top Ten, but goes far beyond it in both coverage and detail. A special focus is given to finding all the discussed issues during testing, and an overview is provided of security testing methodology, techniques and tools.

By attending Java Applications - Security Testing workshop, delegates will learn:

  • Getting familiar with essential cyber security concepts
  • Understanding Web application security issues
  • Detailed analysis of the OWASP Top Ten elements
  • Putting Web application security in the context of Java
  • Going beyond the low hanging fruits
  • Understanding security testing methodology and approaches
  • Getting familiar with common security testing techniques and tools
  • Managing vulnerabilities in third party components
  • Identifying vulnerabilities and their consequences
  • Security best practices in Java
  • Input validation approaches and principles

  • General Java and Web development, testing and QA

The Java Applications - Security Testing class is ideal for:

  • Java developers and testers working on Web applications

COURSE AGENDA

1. Cyber security basics

  • What is security?
  • Threat and risk
  • Cyber security threat types
  • Consequences of insecure software

2. The OWASP Top Ten - 1

  • OWASP Top 10 - 2017
  • A1 - Injection
    • Injection principles
    • Injection attacks
    • SQL injection
      • SQL injection basics
      • Attack techniques
      • Content-based blind SQL injection
      • Time-based blind SQL injection
      • Input validation
      • Parameterized queries
      • Additional considerations
      • Testing for SQL injection
    • Code injection
      • OS command injection
      • Using Runtime.exec()
      • Using ProcessBuilder
      • Testing for command injection
      • Script injection
  • A2 - Broken Authentication
    • Authentication basics
    • Multi-factor authentication
    • Authentication weaknesses - spoofing
    • Spoofing on the Web
    • Testing for weak authentication
    • Password management
      • Inbound password management
      • Storing account passwords
      • Password in transit
      • Dictionary attacks and brute forcing
      • Salting
      • Adaptive hash functions for password storage
      • Password policy
      • NIST authenticator requirements for memorized secrets
      • The dictionary attack
      • The ultimate crack
      • Exploitation and the lessons learned
      • Password database migration
      • (Mis)handling null passwords
      • Testing for password management issues

3. Security testing - 1

  • Security testing vs functional testing
  • Manual and automated methods
  • Security testing methodology
    • Security testing - goals and methodologies
    • Overview of security testing processes
    • Identifying and rating assets
      • Preparation
      • Identifying assets
      • Identifying the attack surface
      • Assigning security requirements
    • Threat modeling
      • SDL threat modeling
      • Mapping STRIDE to DFD
      • DFD example
      • Attack trees
      • Attack tree example
      • Misuse cases
      • Misuse case examples
      • Risk analysis
    • Security testing approaches
      • Reporting, recommendations, and review

4. The OWASP Top Ten - 2

  • A3 - Sensitive Data Exposure
    • Information exposure
    • Exposure through extracted data and aggregation
  • A4 - XML External Entities (XXE)
    • DTD and the entities
    • Entity expansion
    • External Entity Attack (XXE)
      • File inclusion with external entities
      • Server-Side Request Forgery with external entities
      • Preventing XXE
  • A5 - Broken Access Control
    • Access control basics
    • Failure to restrict URL access
    • Testing for authorization issues
    • Confused deputy
      • Insecure direct object reference (IDOR)
      • Authorization bypass through user-controlled keys
      • Testing for confused deputy weaknesses
    • File upload
      • Unrestricted file upload
      • Good practices
      • Testing for file upload vulnerabilities
  • A6 - Security Misconfiguration
    • Configuration principles
    • Configuration management
      • Testing for misconfiguration issues
  • A7 - Cross-site Scripting (XSS)
    • Cross-site scripting basics
    • Cross-site scripting types
      • Persistent cross-site scripting
      • Reflected cross-site scripting
      • Client-side (DOM-based) cross-site scripting
      • Protection principles - escaping
      • XSS protection APIs in Java
      • XSS protection in JSP
      • Additional protection layers
      • Client-side protection principles
      • Testing for XSS

5. The OWASP Top Ten - 3

  • A8 - Insecure Deserialization
    • Serialization and deserialization challenges
    • Deserializing untrusted streams
    • Using ReadObject
    • Sealed objects
    • Look ahead deserialization
    • Testing for insecure deserialization
    • Property Oriented Programming (POP)
      • Creating payload
  • A9 - Using Components with Known Vulnerabilities
    • Using vulnerable components
    • Untrusted functionality import
    • Importing JavaScript
    • Vulnerability management
      • Patch management
      • Vulnerability databases
      • DevOps, the build process and CI / CD
      • Dependency checking in Java
  • A10 - Insufficient Logging & Monitoring
    • Logging and monitoring principles
    • Insufficient logging
    • Plaintext passwords at Facebook
    • OWASP security logging library for Java
  • Web application security beyond the Top Ten
    • Client-side security
    • Tabnabbing
    • Frame sandboxing
      • Cross-Frame Scripting (XFS) attack
      • Clickjacking beyond hijacking a click

6. Security testing - 2

  • Security testing techniques and tools
    • Code analysis
      • Security aspects of code review
      • Static Application Security Testing (SAST)
    • Dynamic analysis
      • Security testing at runtime
      • Penetration testing
      • Stress testing
      • Dynamic analysis tools
      • Dynamic Application Security Testing (DAST)
      • Web vulnerability scanners
      • SQL injection tools
      • Proxy servers
      • Fuzzing

7. Common software security weaknesses

  • Input validation
    • Input validation principles
      • Blacklists and whitelists
      • Data validation techniques
      • What to validate - the attack surface
      • Where to validate - defense in depth
      • How to validate - validation vs transformations
      • Output sanitization
      • Encoding challenges
      • Validation with regex
    • Unsafe reflection
      • Reflection without validation

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 6,000 various courses on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of a few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting http://encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.
