Saturday, July 17, 2010

TRAINING: Web Testing & Exploiting Workshop

Bonsai, brings again the best Security Web training of nowadays to ekoparty




Check here for further information.


TITTLE:
Web Testing & Exploiting Workshop

INTRODUCTION:
The Bonsai Web application Security training focuses on teaching participants the different Web vulnerabilities and the way in which these can be identified manually or automatically. During the course you will learn theoretical concepts followed by hands-on practices performed in the laboratory especially designed for the course.

Our experience in training has helped us to create the best course of Web Application Security, which is aimed at understanding the source code: for each subject a vulnerable code segment is presented. In the class, attendees will learn Vulnerability in Java, PHP, ASP.NET, ASP, Ruby and Python languages.

The course was developed for participants, with varying skill levels, can benefit as much as possible. During the first hour, will review basic concepts on HTTP and generic techniques about vulnerability discoveries, then gradually the difficulty will increase up to the level you can understand and identify more complex vulnerabilities. Informatic security experts, as well as Web application developers will benefit from this course.

To ensure the quality of our course, we will have a maximum of eighteen assistants, each with its own computer and connected to the training laboratory.

GOALS:
- Transfer the knowledge, tools and necessary techniques to understand the different types of existing Web Vulnerabilities, to identify any security leak in the future.

- Understand vulnerabilities in a theoretical environment and be able to identify them in practical laboratory examples.

- Apply in a controlled environment and using hands-on methodology the tools used by professionals like w3af ( created by the trainer), burp and sqlmap.

MATERIALS:
All the students will received:
- A folder with the training slides
- Live CD with the Web security tools used in the training
- VMware Image with the training environment
- Assistance Certificate

TRAINER: Nahuel Grisolía
Nahuel Grisolía is Project Manager of Penetration testing team in Bonsai Information Security Company. Currently he is working in Intrusion Test projects, related with Web application and LAN/WAN networks. His main interest is on the security development and web application analysis, code reviewing, GNU Linux/Unix platforms and electronic devices.

Nahuel has discovered many vulnerabilities related with Web application security on commercial products like McAfee Ironmail and Manage Engine Service Desk Plus and in Free Software projects like Achievo, Cacti, OSSIM y osTicket.

Currently, he is is attending Ingenireria en Informatica at UBA (Universidad de Buenos Aires) and has a CEH certification provided by EC-Council.

TRAINER: Andrés Riancho
Andrés Riancho is an information security researcher and he has founded Bonsai Information Security Company. Besides managing Bonsai, he is involved in the Penetration Testing and Vulnerabilities Research presentations. He has discovered critical vulnerabilities in IPS appliances from 3com and ISS and hascontributed in SAP security investigation for may other security information companies.

His main concern has always been Web application security. This concern took him to create a tool to help in the optimization of Web applications and based on this need he designed and develop w3af software (Web Application Attach and Audit Framework), which is widely used for penetration testers and security consultants. Andrés has spoken at numerous security conferences around the world, such as SecTor (Canada), FRHACK (France), OWASP (Polony) CONFidence (Polony), OWASP World C0n (USA), CanSecWest (Canada), T2 (Finland) y ekoparty (Buenos Aires).

Andrés founded Bonsai in 2009 to continue his investigation about automated vulnerabilities detection and exploitation in Web applications. And to provide professional and high quality service in a undeveloped area like information security.


AGENDA:

1. HTTP protocol introduction
. Requirements and responses
. HTTP Headers
. Secure Socket Layer (SSL)

2. Generic concepts for secure web application development
. Tainted Variables
. Sensitive Functions
. Functions validation

3. Types of analysis:
. Static code analysis, black box testing and gray box testing
. Definitions
. Detectable Vulnerabilities
. Non-Detectable Vulnerabilities

4. Configuration and development common errors
. HTML Comments and versions
. Backup Archives
. Local data bases
. HTML hidden fields
. Directory numeration
. Directory Indexing

5. Web Application Vulnerabilities
. Error and exception messages
. Path Disclosure
. OS Commanding
. Local file read
. Local inclusion of archives
. Path Traversal and Null Bytes
. Remote file inclusions
. HTTP Response Splitting
. Non-Common Attack vectors
. LDAP Injection
. PHP preg_replace vulnerabilities
. SQL Injection
. Blind SQL Injection
. Cross Site Scripting (XSS)
. Cross Site Request Forgeries / Session Riding

6. Scalation of privileges in Web application

7. Vulnerabilities in the application logic

8. Control in the Object authorization

9. Web services Security considerations

10. Web 2.0 application vulnerabilities

4 comments: