Security Testing Hands-on Training for Web Application, Mobile & Network

8,999.00 7,499.00

Start Date: June 19, 2018
Time: 6:30 AM IST to 8 AM IST (Indian Standard Time)
Training Duration: 30 days
Session Duration: One and a half hours (Daily)
Training Type: Online Training
Maximum number of attendees in each batch: 15


Security Testing Training Topics (Web, mobile & network)

1. Web Application Security Testing:

  • Introduction to Security Testing and its importance
  • Basic concepts of Security Testing
  • CIA Triad
  • HTTP Methods
  • HTTP Headers
  • Cookie vs. Session
  • Cryptography: Encryption, Encoding, Hashing
  • SDLC and Threat Modelling
  • Security Testing process/Methodology
  • SSL Handshaking Process
  • OWASP 2013-2017 Vulnerabilities
  • SQL Injection
  • Cross Site Scripting
  • Cross-Site Request Forgery
  • Insecure Direct Object Reference
  • Failure to Restrict URL Access
  • Security Misconfiguration
  • Unvalidated redirects and forwards
  • Broken Authentication and session management
  • Using components with known vulnerabilities
  • Sensitive data exposure
  • XML External Entity
  • Insecure Logging and Storage
  • Authentication related tests
  • Credentials transported over an encrypted channel
  • Testing for user enumeration
  • Default or guessable (dictionary) user account
  • Testing for Brute Force
  • Testing for Bypassing authentication schema
  • Testing for Vulnerable remember password and password reset
  • Testing for Logout and Browser Cache Management
  • Testing for CAPTCHA
  • Authorization-related tests
  • Path Traversals
  • Bypassing Authorization schema
  • Privilege Escalation
  • Session Management Testing
  • Session Hijacking
  • Session Fixation
  • Session Timeout
  • Session Replay
  • Session Invalidation
  • Exposed Session Variables
  • Configuration related tests
  • Missing HttpOnly and Secure Flags
  • Clickjacking
  • Unsafe CORS Policy (HTML5)
  • Introduction to various Vulnerability Scanners
  • Scanning application using BurpSuite and False positive elimination
  • Bypassing client-Side Validations
  • Risk Rating and Report preparation

2. Mobile Security Testing: all the web application related tests, followed by the topics below

  • Creating Virtual Devices
  • Installing the APK/IPA file
  • Decompiling the file
  • SSH into the device
  • Local data storage for information leakage
  • Intercepting the request using BurpSuite
  • Reverse Engineering  

3. Network Security Testing

  • Basic Concepts of Networking
  • OSI Layers
  • What is an IP
  • IP Address Classes
  • IPv4 vs. IPv6
  • Different Ports
  • Different Protocols
  • Hubs, Switches, Routers
  • Firewalls
  • DMZ
  • Network Security Testing Methodology
  • Scanning a network using Nessus
  • Scanning and evidence gathering using Nmap
  • Internal vs. External Network Security Testing
  • Report Preparation

Tools Covered:

  • Web Application Security Testing – BurpSuite, Acunetix, SSLyze, sqlmap
  • Network Security Testing – Nmap, Nessus, SSLScan/SSLyze
  • Mobile Security Testing – Genymotion and ADT Bundle


Training session details:

  • Training Cost: INR 12,000/-

Can I make the partial payment?

    • Yes, you can pay us half of the amount now and another half after two days of the session start date.

What if I miss any session?

      • We are recording all sessions. You can always watch these videos if you miss any session.

I have more questions, can I talk to any human?

      • Yes. You can chat with us, or you can call us at +91 9940228234.

The trainer has 10+ years of experience and holds the internationally renowned CISSP and CISA certifications besides CEH.
We are providing Security Testing Hands-on Training for Web Applications. The following are the highlights of the training:

    • The trainer is a passionate cyber security professional with 10-plus years of experience in information security testing.
    • He has worked across various MNCs.
    • He is one of the few security professionals who hold the internationally renowned CISSP and CISA certifications besides CEH.
    • No pre-requisites required for this Training.
    • This course is appropriate for software development and testing professionals who want to begin doing security testing as part of their assurance activities.
    • Practical Hands-on training will be provided using various Security Testing Tools by a real-time expert.
    • This is a beginner-to-advanced course on Web Application Security Testing (Penetration Testing).
    • Assignment/Tasks will be provided to build your confidence.
    • Don’t wait, just make a move and utilize this precious opportunity to learn Security Testing.
    • Security Testers are in great demand and are getting good packages in the market.
    • Be an all-rounder, instead of just sticking to normal Manual and Automation Testing skills.

About the author

I am a software testing and software test automation professional. I have been in the software testing industry since 2k9. I love testing software products, exploring the world and my family.

In software testing, I have experience of testing more than 35 small and big applications. I have tested web applications, mobile applications, ETL applications and much more. I have got knowledge in multiple verticals like Finance, Banking, ECommerce, Marketing, Gaming, and Education. Jenkins is my best friend. I am very good at Java, Git, IntelliJ, JavaScript, PHP, JUnit, TestNG, Linux, Mockito and many more testing frameworks and tools. I always try to utilize open source as much as possible. I even contribute to open source.

Here is my Github profile:
Maven profile:

Apart from my work at Softcrylic, I sometimes undertake freelance consulting work. You can hire me on upwork here.

Apart from Software testing, I love exploring the world. I have a blog where I share places I have visited.

