Pentest Web White Box Intermediate - 5 days
Description
The complexity of modern web applications requires a strong understanding of the native mechanisms of the languages used. Source code analysis methods make it possible to optimize the search for vulnerabilities during a penetration test.
During this five-day course, you will acquire the skills necessary to identify complex vulnerabilities within the source code of Java and PHP applications. Based on many practical cases on popular frameworks such as Spring or Symfony, participants will learn how to optimize their research using static and dynamic analysis tools.
- 5 days (35 hours), customizable
- 7 course modules covering the specifics of Java and PHP
- Case studies on Spring, Struts, Hibernate, Zend, Symfony and Laravel frameworks
Audience and prerequisites
This training is suitable for people with good knowledge of web technologies and associated vulnerabilities. It is mainly intended for pentesters and developers wishing to improve their research method.
- Pentesters
- Developers
Good networking and Unix knowledge is recommended.
Content
Day 1
Methodology: top-down, bottom-up and hybrid approaches, static and dynamic analysis, tooling. Classic Java applications: structure of an application (Class components, JAR, JSP, configurations), formats (WAR, EAR), web.xml configuration (URI mapping, filters, hooks, security constraints), application of top-down and bottom-up approaches, tooling.
Day 2
Framework-based Java applications: identification, analysis of architectures and implementations of Spring (JavaBean, MVC pattern, SpEL, AOP, Security), Struts2 (actions, interceptors, views, OGNL, configuration, SMI/DMI, devMode) and Hibernate (definition models, configuration of connectors, ORM, HQL and SQL transformation), overview of other common frameworks (JavaServer Faces, VAADIN, SEAM, Play).
Day 3
Java instrumentation: Byteman, AspectJ and JDWP. Closed-source Java applications: methods and tooling for decompilation.
Day 4
Framework-based PHP applications: setting up the analysis environment (IDE, Xdebug, PHP configuration), analysis of architectures and implementations of Symfony (ORM, routing, constraints, authentication and access control), Zend (routing, authentication and access control) and Laravel (structure, configuration). POP chains: concepts, research and development.
Day 5
Closed-source PHP applications: mechanisms (scrambling, encryption), analysis of Blenc and IonCube implementations, use of protected code extraction and analysis tools (VLD, Xdebug, Dtrace, AOP, APD, RunKit).