كورس ECSP
تعريف بالكورس
شهادة أمن المبرمج يضع الأساس المطلوب لمن قبل امطورى التطبيقات ومنظمات تنمية إنتاج التطبيقات مغ مزيد من الإستقرار والأمان مع مزيد من الإستقرار والأمان بالنسبه لتطبيقات المستخدم ومخاطر أقل أيضا ولتأمين التطبيقات المطورة معتمده على قواعد المعرفه لتطوير التطبيقات من خلال دمج أفضل التقنبات والأساليب المعتمده من قبل بعض الخبراء فى المجالات المختلفه .
من الجوانب التى تميز شهادة ECSP هو ان الشهادات المحدده تحدد من قبل المشرفين أو المجال الخاص بها وكما انه يرضى طكوح كل ما يريد تعلم مختلف الأساسيات البرمجيه الأمنيه ومن منظور أمنى أيضا ويدفعك إلى أن تصمم منصات عمل متطوره جدا ويمكنك كم إستخدام لغتك المحببه إلى مزيد من الأمان والإبداع
من هم المستفيدون من الدوره
شعادة ECSP مخصصه للمبرمجين المسئولين غن تطوير وتصميم التطبيثات الأمنيه على الشبكه العالميه الثائمه إطار .net وهم المطورين الخاصيب بلغات البرمجه التاليه c# . c++ . jav . php asp.net and SQL وتنكيه المهارات بها
المتطلبات والمهارات
يجب أن تكون ملما بمهارات البرمجه الأساسيه
المده
5 أيام من 9 إلى 5
الشهاده
إمتحان بإسم ECSP 312-92 exam سوف يجرى فى أخر يوم من أيام الدوره ويجب أن يجتازه على الإنترنيت
وصف ومراحل الكورس والمواد التى سوف تدرسها
Module 01: Introduction to Secure Coding
* Case Study: Secure Coding Cuts Application Maintenance Costs
* Secure Coding
* Vulnerabilities Statistics For The Year 2008 and 2009
* Programming Errors
* Why Security Mistakes Are Made
* Need for Secure Programming
* Why Secure Coding is Important
* Building Blocks of Software Security
* Types of Security Vulnerabilities
* Software Vulnerability Life Cycle
* Types of Attacks
* Secure Coding Principles
o Security Principles
o Security Through Obscurity
o Buffer Overflows
o Format String Vulnerabilities and Race Conditions
o Locking Problems
o Exception Handling
o Fundamentals of Control Granularity
o Fail-Safe Design Strategies
o Fault Tolerance and Detection
o Fault Removal and Avoidance
o Input and Parameter Validation
o Encrypting Secrets in Memory and Storage
o Scrubbing Information
o Privilege Levels for Information Access
o Loose Coupling
o High Cohesion
o Change Management and Version Control
* Guidelines for Developing Secure Codes
o Validate All User's Input
o Sanitize Input Values
o Use the Principle of Least Privilege
o Do Fail Safe
o Handle Sensitive Security Information with Care
o Practice Defense-in-Depth
o Do Not Provide Hints to Attackers
o Do Not Add Comments Telling What the Code Does
o Make (Code) Buddies
o Study and Fix the Defects
o Consider Security Issues During Design
o Avoid Common Security Problems
o Scan Existing Applications for Code Weaknesses
o Use Threat Models
o Perform Software Testing
o Use Automated Source Code Vulnerability Scanning Tools
* Software Security Checklists
o Authentication
o Authorization
o Data Validation
o Session Management
o Logging
o Error Handling
o Cryptography
o Performance
o Use of Privilege
o User-Server Authentication
Module 02: Designing Secure Architecture
* Introduction to Secure Architecture
* Secure Architecture
* Application Security
* Factors Affecting Application Security
* Software Engineering and System Development Life Cycle (SDLC)
* SDLC Phases
o System Requirements
o Specifications
o Design
o Coding
o Testing
o Maintenance
* Software Methodology Models:
o Waterfall Model
o RAD (Rapid Application Development)
o JAD (Joint Application Development)
o Fountain Model
o Spiral Model
o Build and Fix
o Synchronize-and-Stabilize
* Agile Methodologies
* Extreme Programming (XP)
o Rules and Practices of Extreme Programming
o XP Practices
* Unified Modeling Language (UML)
o Primary Goals
o Diagram
o UML Tool
+ Rational Rose
+ Borland Together
* Threat Modeling
o Aspects of Security Threat Modeling
o STRIDE Threat Model
* Common Criteria
* Software Development Best Practices
* Microsoft SDL Threat Modeling Tool
* Borland® TeamInspector™
Module 03: Cryptography
* Introduction to Cryptography
* Encryption
* Symmetric Encryption
* DES Symmetric Encryption Process
* Asymmetric Encryption
* Asymmetric Encryption vs. Symmetric Encryption
* Decryption
* Use of Cryptography
* Cryptographic Techniques
o Classic Cryptographic Techniques
o Modern Cryptographic Techniques
* Cipher
* RSA (Rivest Shamir Adleman)
* Example of RSA Algorithm
* RSA Attacks
* Implementation of RSA in C++
* The Diffie-Hellman Key Agreement Standard
o The Diffie-Hellman Key Algorithm
o Diagrammatical Representation of Diffie-Hellman Key Algorithm
* Data Encryption Standard (DES)
* DES Overview
* Implementation of DES in Java
* Rijndael Algorithm
* RC4, RC5, RC6, Blowfish Overview
* RC5
* Blowfish Algorithm in C
* Message Digest Functions
* One-way Bash Functions
* MD5
* Implementing MD5 in Java
* Generating a Key and IV for Private-key Encryption
* SHA (Secure Hash Algorithm)
* Implementing SHA in Java
* Collision Search Attacks on SHA1
* Modern Cipher Breaking
* The Keyed-Hash Message Authentication Code (HMAC)
* SSL (Secure Sockets Layer)
* What is SSH?
* SSH (Secure Shell)
* Algorithms and Security
* Disk Encryption
* Government Access to Keys (GAK)
* Digital Signature
* Components of a Digital Signature
* Method of Digital Signature Technology
* Use of Digital Signature
* Digital Signature Standard
* Digital Signature Algorithm: Signature Generation/Verification
* Digital Signature Algorithms: ECDSA, ElGamal Signature Scheme
* Hashing Technique
o Hashing, MACs, and Digital Signatures using C# in .NET
* Challenges and Opportunities
* Digital Certificates
* Creating and Verifying a Simple XML Digital Signature in C#
* Cleversafe Grid Builder http://www.cleversafe.com/
* PGP (Pretty Good Privacy)
* CypherCalc
* Command Line Scriptor
* CryptoHeaven
* JavaScrypt: Browser-Based Cryptography Tool
* Steps to use JavaScrypt Encryption and Decryption Tool
* Cryptanalysis
* Cryptography Attacks
* Brute-Force Attack
* The distributed.net Organization
Module 04: Buffer Overflows
* Statistics: MS08-067 Exploit Activity from October 2008 to January 2009, Detected as MS.DCERPC.NETAPI32.Buffer.Overflow
* Buffer Overflows
* Reasons for Buffer Overflow Attacks
* Why are Programs/Applications Vulnerable?
* Understanding Stacks
* Understanding Heaps
* Stack-based Buffer Overflow
* A Simple Uncontrolled Overflow of the Stack
* Stack Based Buffer Overflows
* Heap-based Buffer Overflow
* Heap Memory Buffer Overflow Bug
* Heap-based Buffer Overflow
* Countermeasure against Buffer Overflow Attacks
* Buffer Overflow Defenses
* Attacking a Real Program
* Defense Against Buffer Overflows
* Return Address Defender (RAD)
* StackGuard
* Immunix System
* Vulnerability Search – ICAT
* Valgrind
* Insure++
o Insure++: Features
* Buffer Overflow Protection Solution: Libsafe
* Comparing Functions of libc and Libsafe
* Simple Buffer Overflow in C
* Code Analysis
Module 05: Secure C and C++ Programming
* Introduction of C/C++
* Important Features of Object Oriented Programming
* Vulnerable C/C++ Functions
* Strcpy()
* Strncat()
* Strncpy()
* Sprintf()
* Gets()
* C/C++ Vulnerabilities:
* Buffer Overflow
o Strings
+ Countermeasures
* Stack-Based Buffer Overflow
* Heap-Based Buffer Overflow
* Off by One/Five Errors
* Dangling Pointers
* Stack Smashing
* GCC Extension to Protect Stack-Smashing Attacks
* Integer Vulnerabilities
* Truncation
* Sign Error
* Pointer Subterfuge
* Bugs with Pointers and Memory
* Dynamic Memory Management
* Double Free Vulnerability
* Secure Memory Allocation Tips
* Symmetric Encryption
* Symmetric Encryption in C++
* Blowfish Algorithm in C
* Public Key Cryptography
* Public Key Cryptography in C++
* Networking
* Creating an SSL Client in C++
* Creating an SSL Server
* Random Number Generation Problem
* Anti-Tampering
o Anti-Tampering Techniques
* Erasing Data from Memory Securely using C/C++
* Preventing Memory From Being Paged to Disk
* Using Variable Arguments Properly
* Signal Handling
* Encapsulation in C++
* Best Practices for Input Validation
* Code Profiling And Memory Debugging Tool: Val grind
* Viva64 Tool
Module 06: Secure Java and JSP Programming
* Introduction to Java
* The Java Programming Language
* JVM
* Bytecode Basics
* Java Security
* Access Control
* Sandbox Model
* Security Issues with Java
* SQL Injection Attack
* SQL Injection using UNION
* Preventive Measures for SQL Injection
* URL Tampering
* Denial-of-Service (DoS) Attack on Applet
* Sample Code for DoS Attack
* DoS from Opening Untrusted Windows
* Preventing DOS Attacks
* .Class File Format
* Byte Code Attack
* Reverse Engineering/ Decompilation by Mocha
* Obfuscation Tools: Jmangle
* Cinnabar Canner
* Byte Code Verifier
* Class Loader
* Building a SimpleClassLoader
* Security Manager
* jarsigner - JAR Signing and Verification Tool
* Signing an Applet Using RSA-Signed Certificates
* Signing Tools
* Getting RSA Certificates
* Bundling Java Applets as JAR Files
* Signing Java Applets Using Jarsigner
* Signing Java Applets Using Netscape Signing Tool
* Security Extensions
* Java Security Overview: Basic Security Architecture
* Java Authentication and Authorization Service (JAAS)
* Java Cryptographic Extension (JCE)
* Java Cryptography Architecture
* JCE: Pseudo Code for Encryption
* JCE: Pseudo Code for Decryption
* Java Cryptography Architecture (JCA)
* Sample Code for Encryption and Decryption
* Secure Communication
* Java(TM) Secure Socket Extension (JSSE)
* Creating Secure Client Sockets
* Creating Secure Server Sockets
* Choosing the Cipher Suites
* Java GSS Security
o Code for GSS Server
o Code for GSS Client
* Java Server Page (JSP)
o Problem of Untrusted User Input
o JSP Security Issues: Sensitive Data in GET Requests and Cookies
o JSP Best Practices
* Security with Untrusted User Input
* Cross Site Scripting
* Overcoming Cross Site Scripting Problem
* Authentication in Java
* Permissions in Java
* How to create new types of permissions?
* Security Policy
* Specifying an additional Policy File at runtime
* Policy Tool
o Policy Tool: Creating a new Policy File
* Best practices for developing secure Java Code
Module 07: Secure Java Script and VB Script Programming
* Script: Introduction
* JavaScript Vulnerability
* Cross-Site Scripting (XSS)
* Cross-Site Scripting Attacks
* Avoiding XSS
* JavaScript Hijacking
* Defending Against JavaScript Hijacking
* Declining Malicious Requests
* Prevent Direct Execution of the JavaScript Response
* Malicious Script Embedded in Client Web Requests
* Malicious Script Embedded in Client Web Requests: Effects
* Malicious Script Embedded in Client Web Requests: Solution
* Tool: Thicket Obfuscator for JavaScript
* JavaScript Security in Mozilla
o JavaScript Security in Mozilla: Same Origin Policy
o Same Origin Check
o JavaScript Security in Mozilla: Signed Script Policy
* Netscape's SignTool
o Netscape's SignTool: Signing a File
* Privileges
* Tool for Encryption: TagsLock Pro
* JavaScript Shell (Jash): Javascript Command-Line Debugging Tool
* Tool: Script Encoder
* Tool: Scrambler
* VBScript: CryptoAPI Tools
* Signing A Script (Windows Script Host )
* Verifying a Script
* Signature Verification Policy
* Software Restriction Policies for Windows XP
* Software Restriction Policies for Windows Vista and Server 2008
* Designing a Software Restriction Policy
* Creating Additional Rules
* Blocking Malicious Scripts
* Rule for Blocking Malicious Scripts
Module 08: Secure Microsoft.NET Programming
* Common Terminology
* Microsoft .NET: Introduction
* .NET Framework
o .NET Framework Security Policy Model
* Security Policy Levels
* Security Features in .NET
* Key Concepts in .NET Security
* Code Access Security (CAS)
* Using Code Access Security in ASP.NET
* Steps to use CAS in ASP.NET Applications
* Evidence-Based Security
* Role-Based Security
o Role-Based Security: Windows Principal
o Role-Based Security: Generic principal
* Declarative and Imperative Security
* Cryptography
* Generate Key for Encryption and Decryption
* Symmetric Encryption in .Net
* Asymmetric Encryption in .Net
* Symmetric Decryption in .Net
* Asymmetric Decryption in .Net
* Protecting Client and Server Data Using Encryption Sample
* Cryptographic Signatures
* Writing a Signature in .Net
* Verifying a Signature in .Net
* Ensuring Data Integrity with Hash Codes
* Hash Code Generation
* Verification of Hash Code
* Classes Implementing Public-key Encryption Algorithms
* Security Checklist for .NET Framework
* Permissions
* Code Access Permissions
* Identity Permissions
* Role-Based Security Permissions
* SkipVerification
* SkipVerification Sample Code
* Stack Walk
* Writing Secure Class Libraries
* Runtime Security Policy
* Step-By-Step Configuration of Runtime Security Policies
* Creating a Security Policy Deployment Package
* Type Safety
* Canonicalization
* Access Control List Editor
* Securing User Credentials and Logon Information
* Obfuscation
* Dotfuscator: .NET Obfuscator Tool
* Administration Tool: Authorization Manager (AzMan) with ASP.Net
* ASP.NET Security Architecture
* Authentication and Authorization Strategies
* URL Authorization
* File Authorization
* Windows Authentication
* Forms Authentication
* Passport Authentication
* Custom Authentication
* Implementing Custom Authentication Scheme
* Security Checklist for ASP.NET
o Design Considerations
o Application Categories Considerations:
+ Auditing and Logging
+ Authentication–Forms
+ Authorization
+ Communication Security
* Steps to Encrypt Configuration Sections in ASP.NET using DPAPI
* Configuring Security with Mscorcfg.msc
* Process Identity for ASP.NET
* Impersonation
* Impersonation Sample Code
* Secure Communication
* Storing Secrets
* Options for Storing Secrets in ASP.NET
* Web.config Vulnerabilities:
o Default Error Message
o Leaving Tracing Enabled in Web-Based Applications
o Enabled Debugging
o Cookies Accessible through Client-Side Script
o Enabled Cookieless Session State
o Enabled Cookieless Authentication
o Failure to Require SSL for Authentication Cookies
o Sliding Expiration
o Non-Unique Authentication Cookie
o Hardcoded Credential
* Securing Session and View State
* Web Form Considerations
* Securing Web Services
* Web Application Security Frame
* Web Application Security Frame Threats, Attacks, and Countermeasures
* Secure Remoting
* Create a Remotable Object
* Secure Data Access
* Protecting ASP.NET from SQL Injection Attack
* SQL Injection Example
* Steps to Prevent Cross-Site Scripting in ASP.NET
* .NET Security Tools
* Code Access Security Policy Tool
o Caspol.exe
o Caspol.exe Parameters
* Certificate Creation Tool: Makecert.exe
* Options in Makecert.exe
* Certificate Manager Tool: Certmgr.exe
* Certificate Verification Tool: Chktrust.exe
* Permissions View Tool: Permview.exe
* PEVerify Tool: Peverify.exe
* Options in Peverify.exe
* List of Security Questions in ASP.NET
* Best Practices for .NET Security
تعريف بالكورس
شهادة أمن المبرمج يضع الأساس المطلوب لمن قبل امطورى التطبيقات ومنظمات تنمية إنتاج التطبيقات مغ مزيد من الإستقرار والأمان مع مزيد من الإستقرار والأمان بالنسبه لتطبيقات المستخدم ومخاطر أقل أيضا ولتأمين التطبيقات المطورة معتمده على قواعد المعرفه لتطوير التطبيقات من خلال دمج أفضل التقنبات والأساليب المعتمده من قبل بعض الخبراء فى المجالات المختلفه .
من الجوانب التى تميز شهادة ECSP هو ان الشهادات المحدده تحدد من قبل المشرفين أو المجال الخاص بها وكما انه يرضى طكوح كل ما يريد تعلم مختلف الأساسيات البرمجيه الأمنيه ومن منظور أمنى أيضا ويدفعك إلى أن تصمم منصات عمل متطوره جدا ويمكنك كم إستخدام لغتك المحببه إلى مزيد من الأمان والإبداع
من هم المستفيدون من الدوره
شعادة ECSP مخصصه للمبرمجين المسئولين غن تطوير وتصميم التطبيثات الأمنيه على الشبكه العالميه الثائمه إطار .net وهم المطورين الخاصيب بلغات البرمجه التاليه c# . c++ . jav . php asp.net and SQL وتنكيه المهارات بها
المتطلبات والمهارات
يجب أن تكون ملما بمهارات البرمجه الأساسيه
المده
5 أيام من 9 إلى 5
الشهاده
إمتحان بإسم ECSP 312-92 exam سوف يجرى فى أخر يوم من أيام الدوره ويجب أن يجتازه على الإنترنيت
وصف ومراحل الكورس والمواد التى سوف تدرسها
Module 01: Introduction to Secure Coding
* Case Study: Secure Coding Cuts Application Maintenance Costs
* Secure Coding
* Vulnerabilities Statistics For The Year 2008 and 2009
* Programming Errors
* Why Security Mistakes Are Made
* Need for Secure Programming
* Why Secure Coding is Important
* Building Blocks of Software Security
* Types of Security Vulnerabilities
* Software Vulnerability Life Cycle
* Types of Attacks
* Secure Coding Principles
o Security Principles
o Security Through Obscurity
o Buffer Overflows
o Format String Vulnerabilities and Race Conditions
o Locking Problems
o Exception Handling
o Fundamentals of Control Granularity
o Fail-Safe Design Strategies
o Fault Tolerance and Detection
o Fault Removal and Avoidance
o Input and Parameter Validation
o Encrypting Secrets in Memory and Storage
o Scrubbing Information
o Privilege Levels for Information Access
o Loose Coupling
o High Cohesion
o Change Management and Version Control
* Guidelines for Developing Secure Codes
o Validate All User's Input
o Sanitize Input Values
o Use the Principle of Least Privilege
o Do Fail Safe
o Handle Sensitive Security Information with Care
o Practice Defense-in-Depth
o Do Not Provide Hints to Attackers
o Do Not Add Comments Telling What the Code Does
o Make (Code) Buddies
o Study and Fix the Defects
o Consider Security Issues During Design
o Avoid Common Security Problems
o Scan Existing Applications for Code Weaknesses
o Use Threat Models
o Perform Software Testing
o Use Automated Source Code Vulnerability Scanning Tools
* Software Security Checklists
o Authentication
o Authorization
o Data Validation
o Session Management
o Logging
o Error Handling
o Cryptography
o Performance
o Use of Privilege
o User-Server Authentication
Module 02: Designing Secure Architecture
* Introduction to Secure Architecture
* Secure Architecture
* Application Security
* Factors Affecting Application Security
* Software Engineering and System Development Life Cycle (SDLC)
* SDLC Phases
o System Requirements
o Specifications
o Design
o Coding
o Testing
o Maintenance
* Software Methodology Models:
o Waterfall Model
o RAD (Rapid Application Development)
o JAD (Joint Application Development)
o Fountain Model
o Spiral Model
o Build and Fix
o Synchronize-and-Stabilize
* Agile Methodologies
* Extreme Programming (XP)
o Rules and Practices of Extreme Programming
o XP Practices
* Unified Modeling Language (UML)
o Primary Goals
o Diagram
o UML Tool
+ Rational Rose
+ Borland Together
* Threat Modeling
o Aspects of Security Threat Modeling
o STRIDE Threat Model
* Common Criteria
* Software Development Best Practices
* Microsoft SDL Threat Modeling Tool
* Borland® TeamInspector™
Module 03: Cryptography
* Introduction to Cryptography
* Encryption
* Symmetric Encryption
* DES Symmetric Encryption Process
* Asymmetric Encryption
* Asymmetric Encryption vs. Symmetric Encryption
* Decryption
* Use of Cryptography
* Cryptographic Techniques
o Classic Cryptographic Techniques
o Modern Cryptographic Techniques
* Cipher
* RSA (Rivest Shamir Adleman)
* Example of RSA Algorithm
* RSA Attacks
* Implementation of RSA in C++
* The Diffie-Hellman Key Agreement Standard
o The Diffie-Hellman Key Algorithm
o Diagrammatical Representation of Diffie-Hellman Key Algorithm
* Data Encryption Standard (DES)
* DES Overview
* Implementation of DES in Java
* Rijndael Algorithm
* RC4, RC5, RC6, Blowfish Overview
* RC5
* Blowfish Algorithm in C
* Message Digest Functions
* One-way Bash Functions
* MD5
* Implementing MD5 in Java
* Generating a Key and IV for Private-key Encryption
* SHA (Secure Hash Algorithm)
* Implementing SHA in Java
* Collision Search Attacks on SHA1
* Modern Cipher Breaking
* The Keyed-Hash Message Authentication Code (HMAC)
* SSL (Secure Sockets Layer)
* What is SSH?
* SSH (Secure Shell)
* Algorithms and Security
* Disk Encryption
* Government Access to Keys (GAK)
* Digital Signature
* Components of a Digital Signature
* Method of Digital Signature Technology
* Use of Digital Signature
* Digital Signature Standard
* Digital Signature Algorithm: Signature Generation/Verification
* Digital Signature Algorithms: ECDSA, ElGamal Signature Scheme
* Hashing Technique
o Hashing, MACs, and Digital Signatures using C# in .NET
* Challenges and Opportunities
* Digital Certificates
* Creating and Verifying a Simple XML Digital Signature in C#
* Cleversafe Grid Builder http://www.cleversafe.com/
* PGP (Pretty Good Privacy)
* CypherCalc
* Command Line Scriptor
* CryptoHeaven
* JavaScrypt: Browser-Based Cryptography Tool
* Steps to use JavaScrypt Encryption and Decryption Tool
* Cryptanalysis
* Cryptography Attacks
* Brute-Force Attack
* The distributed.net Organization
Module 04: Buffer Overflows
* Statistics: MS08-067 Exploit Activity from October 2008 to January 2009, Detected as MS.DCERPC.NETAPI32.Buffer.Overflow
* Buffer Overflows
* Reasons for Buffer Overflow Attacks
* Why are Programs/Applications Vulnerable?
* Understanding Stacks
* Understanding Heaps
* Stack-based Buffer Overflow
* A Simple Uncontrolled Overflow of the Stack
* Stack Based Buffer Overflows
* Heap-based Buffer Overflow
* Heap Memory Buffer Overflow Bug
* Heap-based Buffer Overflow
* Countermeasure against Buffer Overflow Attacks
* Buffer Overflow Defenses
* Attacking a Real Program
* Defense Against Buffer Overflows
* Return Address Defender (RAD)
* StackGuard
* Immunix System
* Vulnerability Search – ICAT
* Valgrind
* Insure++
o Insure++: Features
* Buffer Overflow Protection Solution: Libsafe
* Comparing Functions of libc and Libsafe
* Simple Buffer Overflow in C
* Code Analysis
Module 05: Secure C and C++ Programming
* Introduction of C/C++
* Important Features of Object Oriented Programming
* Vulnerable C/C++ Functions
* Strcpy()
* Strncat()
* Strncpy()
* Sprintf()
* Gets()
* C/C++ Vulnerabilities:
* Buffer Overflow
o Strings
+ Countermeasures
* Stack-Based Buffer Overflow
* Heap-Based Buffer Overflow
* Off by One/Five Errors
* Dangling Pointers
* Stack Smashing
* GCC Extension to Protect Stack-Smashing Attacks
* Integer Vulnerabilities
* Truncation
* Sign Error
* Pointer Subterfuge
* Bugs with Pointers and Memory
* Dynamic Memory Management
* Double Free Vulnerability
* Secure Memory Allocation Tips
* Symmetric Encryption
* Symmetric Encryption in C++
* Blowfish Algorithm in C
* Public Key Cryptography
* Public Key Cryptography in C++
* Networking
* Creating an SSL Client in C++
* Creating an SSL Server
* Random Number Generation Problem
* Anti-Tampering
o Anti-Tampering Techniques
* Erasing Data from Memory Securely using C/C++
* Preventing Memory From Being Paged to Disk
* Using Variable Arguments Properly
* Signal Handling
* Encapsulation in C++
* Best Practices for Input Validation
* Code Profiling And Memory Debugging Tool: Val grind
* Viva64 Tool
Module 06: Secure Java and JSP Programming
* Introduction to Java
* The Java Programming Language
* JVM
* Bytecode Basics
* Java Security
* Access Control
* Sandbox Model
* Security Issues with Java
* SQL Injection Attack
* SQL Injection using UNION
* Preventive Measures for SQL Injection
* URL Tampering
* Denial-of-Service (DoS) Attack on Applet
* Sample Code for DoS Attack
* DoS from Opening Untrusted Windows
* Preventing DOS Attacks
* .Class File Format
* Byte Code Attack
* Reverse Engineering/ Decompilation by Mocha
* Obfuscation Tools: Jmangle
* Cinnabar Canner
* Byte Code Verifier
* Class Loader
* Building a SimpleClassLoader
* Security Manager
* jarsigner - JAR Signing and Verification Tool
* Signing an Applet Using RSA-Signed Certificates
* Signing Tools
* Getting RSA Certificates
* Bundling Java Applets as JAR Files
* Signing Java Applets Using Jarsigner
* Signing Java Applets Using Netscape Signing Tool
* Security Extensions
* Java Security Overview: Basic Security Architecture
* Java Authentication and Authorization Service (JAAS)
* Java Cryptographic Extension (JCE)
* Java Cryptography Architecture
* JCE: Pseudo Code for Encryption
* JCE: Pseudo Code for Decryption
* Java Cryptography Architecture (JCA)
* Sample Code for Encryption and Decryption
* Secure Communication
* Java(TM) Secure Socket Extension (JSSE)
* Creating Secure Client Sockets
* Creating Secure Server Sockets
* Choosing the Cipher Suites
* Java GSS Security
o Code for GSS Server
o Code for GSS Client
* Java Server Page (JSP)
o Problem of Untrusted User Input
o JSP Security Issues: Sensitive Data in GET Requests and Cookies
o JSP Best Practices
* Security with Untrusted User Input
* Cross Site Scripting
* Overcoming Cross Site Scripting Problem
* Authentication in Java
* Permissions in Java
* How to create new types of permissions?
* Security Policy
* Specifying an additional Policy File at runtime
* Policy Tool
o Policy Tool: Creating a new Policy File
* Best practices for developing secure Java Code
Module 07: Secure Java Script and VB Script Programming
* Script: Introduction
* JavaScript Vulnerability
* Cross-Site Scripting (XSS)
* Cross-Site Scripting Attacks
* Avoiding XSS
* JavaScript Hijacking
* Defending Against JavaScript Hijacking
* Declining Malicious Requests
* Prevent Direct Execution of the JavaScript Response
* Malicious Script Embedded in Client Web Requests
* Malicious Script Embedded in Client Web Requests: Effects
* Malicious Script Embedded in Client Web Requests: Solution
* Tool: Thicket Obfuscator for JavaScript
* JavaScript Security in Mozilla
o JavaScript Security in Mozilla: Same Origin Policy
o Same Origin Check
o JavaScript Security in Mozilla: Signed Script Policy
* Netscape's SignTool
o Netscape's SignTool: Signing a File
* Privileges
* Tool for Encryption: TagsLock Pro
* JavaScript Shell (Jash): Javascript Command-Line Debugging Tool
* Tool: Script Encoder
* Tool: Scrambler
* VBScript: CryptoAPI Tools
* Signing A Script (Windows Script Host )
* Verifying a Script
* Signature Verification Policy
* Software Restriction Policies for Windows XP
* Software Restriction Policies for Windows Vista and Server 2008
* Designing a Software Restriction Policy
* Creating Additional Rules
* Blocking Malicious Scripts
* Rule for Blocking Malicious Scripts
Module 08: Secure Microsoft.NET Programming
* Common Terminology
* Microsoft .NET: Introduction
* .NET Framework
o .NET Framework Security Policy Model
* Security Policy Levels
* Security Features in .NET
* Key Concepts in .NET Security
* Code Access Security (CAS)
* Using Code Access Security in ASP.NET
* Steps to use CAS in ASP.NET Applications
* Evidence-Based Security
* Role-Based Security
o Role-Based Security: Windows Principal
o Role-Based Security: Generic principal
* Declarative and Imperative Security
* Cryptography
* Generate Key for Encryption and Decryption
* Symmetric Encryption in .Net
* Asymmetric Encryption in .Net
* Symmetric Decryption in .Net
* Asymmetric Decryption in .Net
* Protecting Client and Server Data Using Encryption Sample
* Cryptographic Signatures
* Writing a Signature in .Net
* Verifying a Signature in .Net
* Ensuring Data Integrity with Hash Codes
* Hash Code Generation
* Verification of Hash Code
* Classes Implementing Public-key Encryption Algorithms
* Security Checklist for .NET Framework
* Permissions
* Code Access Permissions
* Identity Permissions
* Role-Based Security Permissions
* SkipVerification
* SkipVerification Sample Code
* Stack Walk
* Writing Secure Class Libraries
* Runtime Security Policy
* Step-By-Step Configuration of Runtime Security Policies
* Creating a Security Policy Deployment Package
* Type Safety
* Canonicalization
* Access Control List Editor
* Securing User Credentials and Logon Information
* Obfuscation
* Dotfuscator: .NET Obfuscator Tool
* Administration Tool: Authorization Manager (AzMan) with ASP.Net
* ASP.NET Security Architecture
* Authentication and Authorization Strategies
* URL Authorization
* File Authorization
* Windows Authentication
* Forms Authentication
* Passport Authentication
* Custom Authentication
* Implementing Custom Authentication Scheme
* Security Checklist for ASP.NET
o Design Considerations
o Application Categories Considerations:
+ Auditing and Logging
+ Authentication–Forms
+ Authorization
+ Communication Security
* Steps to Encrypt Configuration Sections in ASP.NET using DPAPI
* Configuring Security with Mscorcfg.msc
* Process Identity for ASP.NET
* Impersonation
* Impersonation Sample Code
* Secure Communication
* Storing Secrets
* Options for Storing Secrets in ASP.NET
* Web.config Vulnerabilities:
o Default Error Message
o Leaving Tracing Enabled in Web-Based Applications
o Enabled Debugging
o Cookies Accessible through Client-Side Script
o Enabled Cookieless Session State
o Enabled Cookieless Authentication
o Failure to Require SSL for Authentication Cookies
o Sliding Expiration
o Non-Unique Authentication Cookie
o Hardcoded Credential
* Securing Session and View State
* Web Form Considerations
* Securing Web Services
* Web Application Security Frame
* Web Application Security Frame Threats, Attacks, and Countermeasures
* Secure Remoting
* Create a Remotable Object
* Secure Data Access
* Protecting ASP.NET from SQL Injection Attack
* SQL Injection Example
* Steps to Prevent Cross-Site Scripting in ASP.NET
* .NET Security Tools
* Code Access Security Policy Tool
o Caspol.exe
o Caspol.exe Parameters
* Certificate Creation Tool: Makecert.exe
* Options in Makecert.exe
* Certificate Manager Tool: Certmgr.exe
* Certificate Verification Tool: Chktrust.exe
* Permissions View Tool: Permview.exe
* PEVerify Tool: Peverify.exe
* Options in Peverify.exe
* List of Security Questions in ASP.NET
* Best Practices for .NET Security
ad-u.com offer a higher profits for website owners
Publishers
via ad advertising with pop under ads and refers other member
Any referred newuser give you 0.25$ free money & also you get
10% from all your referred members money its five level under
also Ad-u.com give you for the first time 1$ free money for u
and pay 0.005$ Per visitor & per popunder its a huge money.
Module 09: Secure PHP Programming
* Introduction to PHP (Hypertext Preprocessor)
* PHP Security Blunders
* Unvalidated Input Errors
* Example of PHP Attack
* Solution for Access Control Flaws
* Solution for Session ID Protection
* Error Reporting
* Data Handling Errors
* Security Sensitive PHP Functions: File Functions
* Security Sensitive PHP Functions: ezmlm_hash
* PHP Exploits
o Forms and Data
o Semantic URL Attacks
o File Upload Attacks
o Cross-Site Scripting (CSS/XSS)
o Cross-Site Request Forgeries
o Spoofed Form Submissions
o Spoofed HTTP Requests
o Sessions and Cookies
o Cookie Theft
o Exposed Session Data
o Session Fixation
o Session Hijacking
* PHP Vulnerabilities
o Informational Vulnerabilities
o Common File Name Vulnerability
o Revealed Source Code Vulnerability
o Revealing Error Message Vulnerability
o Sensitive Data in Web Root Vulnerability
o Session File in Shared Server Vulnerability
o Sensitive Data in Globally Readable File Vulnerability
o Revealing HTML Comment Vulnerability
o Web Application Fingerprint Vulnerability
o Packet Sniffing Vulnerability
o Attack Vulnerabilities
o Global Variable Vulnerability
o Default Password Vulnerability
o Online Backup Vulnerability
* Common PHP Attacks
* Remote Code Execution
* Cross-Site Scripting Attack (CSS)
* Cross Site Scripting Attack: Example
* Cross-Site Request Forgeries (CSRF, Sea-Surf or XSRF)
* Workaround for Cross-Site Request Forgeries
* SQL Injection
* Defending SQL Injection Attacks
* PHP Configuration Attacks
* Preventing PHP Configuration Attacks
* File System Attacks
* Defending File System Attacks
* Information Gathering Attacks
* PHP Injection Attacks
* Ten PHP Best Practices
* Secure PHP Practices
o Safe Mode
o Disable Register Globals
o Validating Input
o PHP Input Filter Class
* PHP Encoders
o Acunetix Web Vulnerability Scanner
o Encryption Software: PHP Code Lock
o Zend Guard
o POBS stands for PHP Obfuscator/Obscurer
o eAccelerator
* Best Practices for PHP Security
Module 10: Securing Applications from Bots
* Bots
* Botnet
* The Botnet Life Cycle
* Botnet Threats
* Robot.txt
o Creating "robots.txt" file
* Blocking Bad Bots and Site Rippers
* Protecting Web Application Forms from Spam Bots
o CAPTCHA
+ Advantages of CAPTCHA
o Anti-Spam Security Question
o Menu Option Matching
o Honeypot Spam Trap
o Input Length Regulation
* Guidelines to Protect Network from Bots
* Bot Detection Tool: BotHunter
* Cyber Clean Center
* Structure of Cyber Clean Center
Module 11: Secure SQL Server Programming
* Introduction
* SQL Server Security Model
o SQL Server Security Model: Login
* Creating an SQL Server Login
* Database User
* Guest User
* Permissions
* Database Engine Permissions Hierarchy
* Roles
o Public Role
o Predefined Roles
+ Fixed Server Roles
+ Fixed Database Roles
* User-Defined Roles
* Application roles
* Security Features of MS-SQL Server 2005
* Added Security Features in MS-SQL Server 2008
* SQL Server Security Vulnerabilities:
o Buffer Overflow in pwdencrypt()
o Extended Stored Procedures Contain Buffer Overflows
* SQL Injection Attacks
* Prevent SQL Injection Attacks
* Sqlninja:
o SQL Server Injection & Takeover Tool
o Finding Target
* Data Encryption
* Built-in Encryption Capabilities
* Encryption Keys
* Encryption Hierarchy
* Transact-SQL
* Create Symmetric Key in T-SQL
* Create Asymmetric Key in T-SQL
* Certificates
* Create Certificate in T-SQL
* SQL Server Security: Administrator Checklist
* Database Programming Best Practices
* SQL Server Installation:
o Authentication
o Authorization
* Best Practices for Database Authorization
* Auditing and Intrusion Detection
* Enabling Auditing
* Database Security Auditing Tools:
o AppDetectivePro
o NGSSquirrel
o AuditPro
Module 12: SQL Rootkits
* Rootkits
* SQL Server Rootkit
* Threats of SQL Rootkits
* Evolution of SQL Rootkits
* How a Rootkit Works
* SQL Server 2000
o Rootkit Attack on SQL Server 2000
o Screenshot: Password Tampering
* SQL Server 2005
o Step 1: Copy and attach the hidden resource database
o Step 2: Login via Dedicated Administrator Connection (DAC)
o Step 3: Alter the sys.server_principalsview Script
o Step 4: Introduce the Rootkit
* Detecting SQL Server Rootkits
* Rootkit Detection Tool
o DB Audit
o ApexSQL Audit
o Audit DB
o DbProtect
Module 13: Secure Application Testing
* Software Development Life Cycle (SDLC)
* Introduction to Testing
* Types of Testing
* White Box Testing
* Types of White Box Testing
* Dynamic White-Box Testing
* Integration Test
* Regression Testing
* System Testing
* Black Box Testing
* Load Testing
* Strategies For Load Testing
* Functional Testing
* Testing Steps
* Creating Test Strategy
* Creating Test Plan
* Creating Test Cases and Test Data
* Executing, Bug Fixing and Retesting
* Classic Testing Mistakes
* User Interface Errors
* Good User Interfaces
* Using Automatic Testing and Tools
* Generic Code Review Checklist
* Software Testing Best Practices
* Testing Tool:
o QEngine
o WinRunner
o LoadRunner
* Real Time Testing
Module 14: VMware Remote Recording and Debugging
* Remote Debugging
* Recording Debugging Process
* Security Issues in Remote Recording and Debugging
* The Eclipse Integrated Virtual Debugger
o Introduction
o Overview
o Eclipse Launch Configurations
o Setting Up the Eclipse Integrated Virtual Debugger Environment
o Managing Virtual Machine Launch Configurations
* Application Configurations to Start Applications in a Virtual Machine
o Steps to Create, Duplicate, or Edit a Launch Configuration to Start an Application in a Virtual Machine
* Application Configurations to Attach to Applications Running in a Virtual Machine
o Steps to Create, Duplicate, or Edit a Configuration that Attaches to a Running Application in a Virtual Machine
o Steps to Delete Configurations
o Running and Debugging Applications in Virtual Machines
o Steps to Start an Application Debugging Session in a Virtual Machine
o Steps to Start an Application in a Virtual Machine Without Debugging
o Steps to Attach the Debugger to an Application Running in a Virtual Machine
* Visual Studio Integrated Virtual Debugger
o Overview
o Configuration Options When Starting an Application in a Virtual Machine
o Configuration Options When Attaching to a Process Running in a Virtual Machine
o Setting Up the Visual Studio Integrated Virtual Debugger Environment
* Managing Virtual Machine Configurations
o Creating Configurations
o Setting Configuration Properties
o Setting Virtual Machine Properties
o Running and Debugging Applications in Virtual Machines
o Starting a Debugging Session in a Virtual Machine
o Starting a Session Without Debugging in a Virtual Machine
o Attaching the Debugger to a Process Running in a Virtual Machine
Module 15: Writing Secure Documentation and Error Messages
* Error Message
* Common Error Messages
* Error Messages: Categories
* Good Error Message
* Error Message in a Well-designed Application
* Good Error Message Example
* Miscommunication in Error Messages
* Error Message Usability Checklist
* Guidelines For Creating Effective Error Messages
* Best Practices while Designing Error Messages
* Error Messages: Examples
* Security Issues in an Error Message
* Security Precautions in Documentation
Module 16: Secure ASP Programming
* ASP- Introduction
* Improving ASP Design
* Using Server-Side Includes(SSI)
o Using Server Side Includes (SSI) with ASP
o Using Server-Side Includes: Example
o Using Server-Side Includes: Protecting the Contents of Include Files
* Taking Advantage of VBScript Classes
* Using Server.Execute
* Using Server.Transfer
* #include Directive
* .BAK Files on the Server
* Detecting Exceptions with Scripting Language Error-Handling Mechanisms
* Using VBScript to Detect an Error
* Using Jscript to Detect an Error
* Notifying the Support Team When an Error Occurs Using CheckForError
* Attacks on ASP
* Insufficient Validation of Fields in SQL queries
* ASP DypsAntiSpam: A CAPTCHA for ASP
* Preventing Automatic Submission With DypsAntiSpam
* CAPTCHA: Examples
* Using Database and ASP Sessions to Implement ASP Security
* Step 1: Create A User Database Table
* Step 2: Create And Configure The Virtual Directory
* Step 3: Create The Sample Pages
* Step 4: Add Validation Code To Pages
* Protecting ASP Pages
* Encoding ASP Code: Script Encoder
* Protecting Passwords of ASP Pages with a One-way Hash Function
* ASP Best Practices
* ASP Best Practices: Error Handling
Module 17: Secure PERL Programming
* Introduction: PERL
* Common Terminology
* Security Issues in Perl Scripts
* Basic User Input Vulnerabilities
* Overcoming Basic User Input Vulnerabilities
* Insecure Environmental Variables
* Algorithmic Complexity Attacks
* Perl: Taint, Strict, and Warnings
* Taint Mode
* How Does Taint Mode Work?
* Taint Checking
* Using Tainted Data
* Securing the Program Using Taint
* Strict Pragma
* Setuid Command
o Setuid Sample Code
o Authenticating the user with setuid
o Security bugs with Setuid
* The Perl crypt() Function
* Logging Into a Secure Web Site with Perl Script
* Secure Log-in Checklist
* Program for Secure Log-in
* Securing open() Function
* Unicodes
* Displaying Unicode As Text
Module 18: Secure XML, Web Services and AJAX Programming
* Web Application and Web Services
* Web Application Vulnerabilities
o Coding Errors
o Design Flaws
* XML- Introduction
* XSLT and XPath
* XML Signature
o Applying XML Signatures to Security
* An Enveloped, Enveloping and Detached XML Signature Simultaneously
* XML Encryption
o The abstract Element
* Security Considerations for the XML Encryption Syntax
* Canonicalization
* Validation Process in XML
* XML Web Services Security
* XML-aware Network Devices Expand Network Layer Security
* Security of URI in XML
* Security of Opaque Data in XML
* XML Web Services Security Best Practices
* XML Tools
o Stylus Studio® 2010 XML Enterprise Suite
o V-Sentry
o Vordel SOAPbox
* AJAX
o AJAX- Introduction
o Anatomy of an AJAX Interaction (Input Validation Example)
o AJAX: Security Issues
o How to Prevent AJAX Exploits
o Tool: HTML Guardian ™
o Tool: Sprajax- AJAX Security Scanner
o HP WebInspect Software
Module 19: Secure RPC, ActiveX and DCOM Programming
* RPC Introduction
* RPC Authentication
* RPC Authentication Protocol
* NULL Authentication
* UNIX Authentication
* Data Encryption Standard (DES) Authentication
o Data Encryption Standard (DES) Authentication on Server Side
* Diffie-Hellman Encryption
* Security Methods
* Security Support Provider Interface (SSPI)
* Security Support Providers (SSPs)
o Writing an Authenticated SSPI Client
o Writing an Authenticated SSPI Server
* Secure RPC Protocol
* RpcServerRegisterAuthInfo Prevents Unauthorized Users from Calling your Server
* RPC Programming Best Practices
* Make RPC Function Calls
o Making RPC Function Calls: Using Binding Handles
o Making RPC Function Calls: Binding Handles and Protocol Sequence
* Using Context Handles
* RPC and the Network
* Write a Secure RPC Client or Server
* ActiveX Programming: Introduction
* Preventing Repurposing
* SiteLock Template
o SiteLock Template: Implementation Guide for ATL Controls
* IObjectSafety Interface
* Code Signing
o Creating a Code Signing Certificate and Signing an ActiveX Component in Windows
* Protecting ActiveX Controls
* DCOM: Introduction
* Security in DCOM
* Application-Level Security
* Security by Configuration
* Programmatic Security
* Run As a Launching user
* Run As a Interactive User
* Run As a Specific User
* Security Problem on the Internet
* Security on the Internet
* Heap Overflow Vulnerability
* Workarounds for Heap Overflow Vulnerability
* Tool: DCOMbobulator
* DCOM Security Best Practices
Module 20: Secure Linux Programming
* Introduction
* Open Source and Security
* Linux – Basics
* Linux File Structure
* Basic Linux Commands
* Linux Networking Commands
* Linux Processes
* POSIX Capabilities
* UTF-8 Security Issues
* UTF-8 Legal Values
* Secure Linux Programming Advantages
o Security Audit
o Communication
o Encryption
o Identification and Authentication
o Security Management
* Requirements for Security Measure Assurance
* Enabling Source Address Verification
* Linux iptables and ipchains
* Code to save the ip6tables state
* Controlling Access by MAC Address
* Permitting SSH Access Only
* Network Access Control
* Layers of Security for Incoming Network Connections
* Prohibiting Root Logins on Terminal Devices
* Authentication Techniques
* Authorization Controls
* Running a Root Login Shell
* Protecting Outgoing Network Connections
* Logging in to a Remote Host
* Invoking Remote Programs
* Copying Remote Files
* Public-key Authentication between OpenSSH Client and Server
* Authenticating in Cron Jobs
* Protecting Files
* File Permissions
* Shared Directory
* Encrypting Files
* Listing the Keyring
* Signing Files
* Encrypting Directories
* POP/IMAP Mail Server
* Testing an SSL Mail Connection
* Securing POP/IMAP with SSL and Pine
* SMTP Server
* Testing and Monitoring
* Testing Login Passwords (John the Ripper)
* Testing Login Passwords (CrackLib)
* Testing Search Path
* Searching Filesystems Effectively
* Finding Setuid (or Setgid) Programs
* Securing Device Special Files
* Looking for Rootkits
* Tracing Processes
* Observing Network Traffic
* Detecting Insecure Network Protocols
* Detecting Intrusions with Snort
* Log Files (syslog)
* Testing a Syslog Configuration
* Logwatch Filter
* Structure Program Internals and Approach
* Minimize Privileges Sample Code
* Filter Cross-Site Malicious Content on Input
* Filter HTML/URIs that may be Re-Presented
* Avoid Buffer Overflow
* Language-Specific Issues:
o C/C++
o Sample Codes
o Perl
o Ada
o Java
o Tcl
o Tcl Sample Code
o PHP
* Linux Application Auditing Tool: grsecurity
Module 21: Secure Linux Kernel Programming
* Introduction
* Building a Linux Kernel
* Procedures to Follow Post-Build
* Linux Kernel Configuration Menu
* Compiling a Linux Kernel
Module 22: Secure Xcode Programming
* Introduction to Xcode
* Mac OS X applications
* Cocoa
* Carbon
* AppleScript
* Script Editor
* Script Window
* Common Data Security Architecture
* CDSA
* Secure Transport API Set and Cryptographic Service Provider (CSP)
* Creating SSL Certificate on Mac OS X Server
* Using SSL with the Web Server
* Setting up SSL for LDAP
* Protecting Security Information
* Security in Mac OS X
* Security Management Using System Preferences
* Authentication Methods
* Encrypted disk images
* Networking Security Standards
* Personal firewall
* Checklist of recommended steps required to secure Mac OS X
Module 23: Secure Oracle PL/SQL Programming
* Introduction: PL/SQL
* PL/SQL in Oracle Server
* Security Issues in Oracle
* SQL Injection Attacks
* Defending Against SQL Injection Attacks
* SQL Manipulation
* Code Injection Attack
* Function Call Injection Attack
* Buffer Overflow and Other Vulnerabilities
* DBMS_SQL in PL/SQL
* Protecting DBMS_SQL in PL/SQL
* Types of Database Vulnerabilities/ Attacks
* Establishing Security Policies
* Password Management Policy
o Password Management policy: Password History
* Auditing Policy
* Oracle Policy Manager
* Oracle Label Security (OLS)
* Create an Oracle Label Security Policy
o Step 1: Define the Policy
o Step 2: Define the Components of the Labels
o Step 3: Identify the Set of Valid Data Labels
o Step 4: Apply Policy to Tables and Schemas
o Step 5: Authorize Users
o Step 6: Create and Authorize Trusted Program Units (Optional)
o Step 7: Configure Auditing (Optional)
* Using Oracle Label Security with a Distributed Database
* Oracle Identity Management
* Security Tools
* Oracle Secure Backup Tool
* Obfuscation
* Obfuscation Sample Code
* Encryption Using DBMS_CRYPTO
* Advanced Security Option
* Row Level Security
* Oracle Database Vaults: Tool
* Auditing
* Auditing Methods
* Audit Options
* View Audit Trail
* Fine-Grained Auditing (FGA)
* Oracle Auditing Tools
* Testing PL/SQL Programs
* SQL Unit Testing Tools
o SPUnit
o TSQLUnit
o utPLSQL
* Steps to Use utPLSQL
Module 24: Secure Network Programming
* Basic Network Concepts:
o Network
o Protocols
o Client Server Model
* Basic Web Concepts
* Network Programming
* Benefits of Secure Network Programming
* Network Interface
* Securing Sockets:
o Server Program
o Client Program
* Ports
* UDP Datagram and Sockets
* Internet Address
* Connecting to secure websites
* URL Decoder
* Reading Directly from a URL
* Content Handler
* Cookie Policy
* RMI Connector
* .Net : Internet Authentication
* Network Scanning Tool: Security Manager Plus
* Network Programming Best Practices
Module 25: Windows Socket Programming
* Introduction to Windows Sockets
* Windows NT and Windows 2000 Sockets Architecture
* Socket Programming
* Client-Side Socket Programming
o The Socket Address Structure
+ The Socket Address Structure Code Analysis
* Initializing a Socket and Connecting
* Server-Side Socket Programming
* Creating a Server
* Winsock 2.0
* Winsock Linking Methods
* Starting a Winsock 2 API
* Accepting Connections:
o AcceptEx
* WinSock: TransmitFile and TransmitPackets
* Grabbing a Web Page Using Winsock
* Generic File – Grabbing Application
* Writing Client Applications
* TCP Client Application Sample Code
* Writing Server Applications
* TCP Server Application Sample Code
* Winsock Secure Socket Extensions
* WSADeleteSocketPeerTargetName
* WSAImpersonateSocketPeer
* WSAQuerySocketSecurity
* WSARevertImpersonation
* WSASetSocketPeerTargetName
* WSASetSocketSecurity Function
* SOCKET_SECURITY_SETTINGS
* Using WinSock to Execute a Web Attack
* Using Winsock to Execute a Remote Buffer Overflow
* MDACDos Application
Module 26: Writing Shellcodes
* Shellcode Introduction
* Shellcode Development Tools
* Remote Shellcode
* Port Binding Shellcode
* FreeBSD Port Binding Shellcode
* Clean Port Binding Shellcode
o Clean Port Binding Shellcode: sckcode
* Socket Descriptor Reuse Shellcode
o Socket Descriptor Reuse Shellcode in C
o Socket Descriptor Reuse Shellcode: Sample Code
* Local Shellcode
* execve
* Executing /bin/sh
* Byte Code
* setuid Shellcode
* chroot Shellcode
* Breaking of chroot jails in Traditional Way
* Breaking Out of Chroot Jails on Linux Kernels
* Windows Shellcode
* Shellcode Examples
* Steps to Execute Shell Code Assembly
* The Write System Call
* Linux Shellcode for “Hello, world!”
* The Write System Call in FreeBSD
* execve Shellcode in C
* FreeBSD execve jmp/call Style
* FreeBSD execve Push Style
* FreeBSD execve Push Style, Several Arguments
* Implementation of execve on Linux
* Linux Push execve Shellcode
* System Calls
* The Socket System Call
o The Socket System Call: Sample Code Analysis
* The Bind System Call
* The Listen System Call
* The Accept System Call
o The Accept System Call: Sample Code
* The dup2 System Calls
* The execve System Call
* Linux Port Binding Shellcode
* Compile, Print, and Test Shellcode
* Reverse Connection Shellcode
* Socket Reusing Shellcode
* Linux Implementation of Socket Reusing Shellcode
* Reusing File Descriptors
* Using the setuid Root
o Executing the setuid Program
o System calls used by the setuid Root program
* Using ltrace utility
* Using GDB
* Assembly Implementation
* SysCall Trace
* RW Shellcode
* Encoding Shellcode
* Decoder Implementation and Analysis
* Decoder Implementation Program
* Results of Implementation Program
* OS-Spanning Shellcode
* Assembly Creation
Module 27: Writing Exploits
* Introduction
* Targeting Vulnerabilities
* Remote and Local Exploits
* A Two-Stage Exploit
* Format String Attacks
o Example of a Vulnerable Program
* Using %n Character
* Fixing Format String Bugs
* User-Supplied Format String Vulnerability CVE-2000-0763 in xlockmore
* TCP/IP Vulnerabilities
* Race Conditions
* File Race Conditions
* Signal Race Conditions
* Input Validation Error in man Program
* Input Validation Error in man Program (Snippet 1)
* Input Validation Error in man Program (Snippet 2)
* Writing Exploits and Vulnerability Checking Programs
o Writing Exploits and Vulnerability Checking Programs Sample Code
* Stack Overflow Exploits
* Memory Organization
* Stack Overflows
* Finding Exploitable Stack Overflows in Open-Source Software
* Finding Exploitable Stack Overflows in Closed-Source Software
* Heap Corruption Exploits
* Doug Lea Malloc
* Dlmalloc Chunk
* Freed Dlmalloc Chunk
* Vulnerable Program Example
* Figures: Fake Chunk, Overwritten Chunk
* OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability CAN-2002-0656
* Exploitation
* Exploitation Sample Code
* The Complication
* Improving the Exploit
* Integer Bug Exploits
* Integer Wrapping
* Program: Addition-Based Integer Wrapping
* Multiplication-Based Integer Wrapping
* Bypassing Size Checks
o Unsigned Size Check Without Integer Wrapping
o Signed Size Check Without Integer Wrapping
* Using the Metasploit Framework
* Determining Attack Vector
* Finding the Offset: Overwriting the Return Address
* The First Attack String
* Overwriting EIP with a Known Pattern
* Selecting a Control Vector
* Finding a Return Address
* Selecting the Search Method in the Metasploit Opcode Database
* Search Method in Metasploit Opcode Database
* Using the Return Address:
o Inserting the Return Address
o Verifying Return Address Reliability
* Nop Sleds: Increasing Reliability with a Nop Sled
* Choosing a Payload and Encoder
o Listing Available Payloads
o Determining Payload Variables
o Generating the Payload
o msfencode Options
* List of Available Encoders
* Choosing a Payload and Encoder: msfencode Results
* msfweb Payload Generation
* Setting msfweb Payload Options
* msfweb Generated and Encoded Payload
* Integrating Exploits into Framework
Module 28: Programming Port Scanners and Hacking Tools
* Port Scanner
* Simple Port Scanners
o Prerequisites for Writing a Port Scanner
o Port Scanner in C++
o Port Scanner in C#
o Building a Simple Port Scanner in VC++
o Port Scanner in Java
o Example JavaScript Port Scanner
o Port Scanner in ASP.Net
o Port Scanner in Perl
o Port Scanner in PHP
o UDP Port Scanning in PHP
o UDP Port Scanner in XML
* libpcap
o Capturing Packets
* Packet Capturing Example
* Saving Captured Packets to a File
* The wiretap Library
* Adding a new file format to the wiretap library
* wtap Struct
* Creating a New Dissector
* Programming the Dissector
* Adding a tap Module
* Nessus Attack Scripting Language (NASL)
* Writing Personal-Use Tools in NASL
* Programming in the Nessus Framework
* Porting to and from NASL
o Porting to NASL
o Porting from NASL
* Metasploit Framework (MSF)
* msfweb Interface
* Selecting the Exploit Module
* msfconsole Interface
o Using msfconsole Interface
o Executing an Exploit using msfconsole
* msfcli Interface
o Using the msfcli Interface
* Updating the MSF
* Writing Basic Rules
* The Rule Header
* Rule Options
* Writing Advanced Rules: Perl-Compatible Regular Expressions (PCRE)
* Byte_test and Byte_jump Functions
* Optimizing Rules
* Testing Rules
* Writing Detection Plugins
* Netcat Source Code
Module 29: Secure Mobile phone and PDA Programming
* Mobile Phone Programming
* Different OS Structure in Mobile Phone
* Symbian Operating System
* Guidelines for Securing Symbian OS
* PalmOS
* PalmOS Vulnerabilities
* HotSync Vulnerability
* Creator ID Switching
* Windows Mobile
* Calling Secure Web Services
* Security Practices for Windows Mobile Programming
* Comparison of Common Programming Tasks
* PDA Programming
* PDA Security Issues
* Security Policies for PDAs
* PDA Security Products
* PDA Security Vendors
* Java Platform, Micro Edition (Java ME)
* Java ME Architecture
* Java ME Security Issues
* CLDC Security
* Mobile Information Device Profile (MIDP)
* MIDP Security
* Programming the BlackBerry With Java ME
* Security and Trust Services API (SATSA) for Java ME: The Security APIs
* Certificate Enrollment in SATSA
* Generating a Private Key and Certificate Signing Request in SATSA
* Verifying the CSR
* Storing a Certificate into the Certificate Local Store
* Data Integrity with Message Digests
* Generating a Message Digest
* Verifying a Message Digest
* Authentication With Digital Signatures
* Signing a byte Array for Authentication Purposes
* Verifying a Digital Signature using SATSA
* Data Confidentiality - Using Ciphers for Data Encryption
* Using Cipher to Encrypt Data using a Symmetric Encryption
* Using Cipher to Decrypt Data using a Symmetric Encryption
* Security Issues in Bluetooth
* Security Attacks in Bluetooth Devices
* Bluetooth security
* Bluetooth Security : Key Management
* Tool: Bluekey
* Tool: BlueWatch
* Tool: BlueSweep
* Tool: Bluediving
* Tool: Smartphone Security Client
* Tool: BlueFire Mobile Security Enterprise Edition
* Mobile Phone Security Tips
* Defending Cell Phones and PDAs Against Attack
* Antivirus Tools for Mobile Devices
* F-Secure Antivirus for Palm OS
Module 30: Secure Game Designing
* Game Designing Introduction
* Type of Games:
o Console Games
o Mobile Games
o Online Games
o Off-line Games
o Wii Games
* Threats to Online Gaming
* Threats to Online Gaming: Cheating
* Multimedia Fusion Screenshot
* Adventure Game Studio Screenshot
* Game Maker Screenshot
* FPS Creator Screenshot
* Stagecast Creator Screenshot
* RPG Maker XP Screenshot
* The Scrolling Game Development Kit
* Visual3D.NET Screenshot
* Game Engine
* Best Practices for Secure Game Designing
* Summary
Module 31: Securing E-Commerce Applications
* Purpose of Secure E-Commerce Application
* E-Business Concepts: Secure Electronic Transaction (SET)
* Using SET
* Secure Socket Layer (SSL)
* SSL Certificates
* VeriSign SSL Certificates
* Entrust SSL Certificates
* Digital Certificates
* Digital Signature
* Digital Signature Technology
* Digital Signature Algorithm:
o Signature Generation/Verification
o ECDSA, ElGamal Signature Scheme
* Guidelines for Developing Secure E-Commerce Applications
Module 32: Software Activation, Piracy Blocking and Automatic Updates
* Software Activation: Introduction
* Software Activation Process
* Process of Software Activation
* Software Activation: Advantages
* Activation Explained
* Online License Management Server
* Activation Policies
* Policy Control Parameters
* Piracy
* The Effects of piracy
* Piracy Blocking
* Digital Right Management (DRM)
* Software Piracy Protection Strategies
* Copy protection for DVD
* Application Framework –DVD Copy Protection System
* Content Protection During Digital Transmission
* Watermark System Design Issues
* Cost Effectiveness
* False Positives Rate
* Interaction with MPEG compression
* Detector Placement
* Copy Generation Management
* Tool: Crypkey
* EnTrial Key Generation
* EnTrial Distribution File
* EnTrial Product & Package Initialization Dialog
* Windows Automatic Updates
* Options for Setting up Windows Automatic Updates on XP
* Automatic Updates Option on AVG Antivirus
* Automatic Updates for Internet Explorer
* Automatic Updates for Mozilla Firefox
Module 33: PCI Compliance and Secure Programming
* What is PCI compliance
* PCI Data Security Standard
* PCI web application requirements
* OWASP top 10 vulnerabilities
* Avoiding Injection Flaws
* Avoiding XSS flaws
* Avoiding broken authentication and session management
* Avoiding insecure direct object references
* Avoiding CSRF flaws
* Avoiding security misconfiguration
* Avoiding URL access control flaws
* Avoiding unvalidated redirects and forwards
* Avoiding insecure cryptographic storage
* Avoiding insufficient transport layer protection
Publishers
via ad advertising with pop under ads and refers other member
Any referred newuser give you 0.25$ free money & also you get
10% from all your referred members money its five level under
also Ad-u.com give you for the first time 1$ free money for u
and pay 0.005$ Per visitor & per popunder its a huge money.
Module 09: Secure PHP Programming
* Introduction to PHP (Hypertext Preprocessor)
* PHP Security Blunders
* Unvalidated Input Errors
* Example of PHP Attack
* Solution for Access Control Flaws
* Solution for Session ID Protection
* Error Reporting
* Data Handling Errors
* Security Sensitive PHP Functions: File Functions
* Security Sensitive PHP Functions: ezmlm_hash
* PHP Exploits
o Forms and Data
o Semantic URL Attacks
o File Upload Attacks
o Cross-Site Scripting (CSS/XSS)
o Cross-Site Request Forgeries
o Spoofed Form Submissions
o Spoofed HTTP Requests
o Sessions and Cookies
o Cookie Theft
o Exposed Session Data
o Session Fixation
o Session Hijacking
* PHP Vulnerabilities
o Informational Vulnerabilities
o Common File Name Vulnerability
o Revealed Source Code Vulnerability
o Revealing Error Message Vulnerability
o Sensitive Data in Web Root Vulnerability
o Session File in Shared Server Vulnerability
o Sensitive Data in Globally Readable File Vulnerability
o Revealing HTML Comment Vulnerability
o Web Application Fingerprint Vulnerability
o Packet Sniffing Vulnerability
o Attack Vulnerabilities
o Global Variable Vulnerability
o Default Password Vulnerability
o Online Backup Vulnerability
* Common PHP Attacks
* Remote Code Execution
* Cross-Site Scripting Attack (CSS)
* Cross Site Scripting Attack: Example
* Cross-Site Request Forgeries (CSRF, Sea-Surf or XSRF)
* Workaround for Cross-Site Request Forgeries
* SQL Injection
* Defending SQL Injection Attacks
* PHP Configuration Attacks
* Preventing PHP Configuration Attacks
* File System Attacks
* Defending File System Attacks
* Information Gathering Attacks
* PHP Injection Attacks
* Ten PHP Best Practices
* Secure PHP Practices
o Safe Mode
o Disable Register Globals
o Validating Input
o PHP Input Filter Class
* PHP Encoders
o Acunetix Web Vulnerability Scanner
o Encryption Software: PHP Code Lock
o Zend Guard
o POBS stands for PHP Obfuscator/Obscurer
o eAccelerator
* Best Practices for PHP Security
Module 10: Securing Applications from Bots
* Bots
* Botnet
* The Botnet Life Cycle
* Botnet Threats
* Robot.txt
o Creating "robots.txt" file
* Blocking Bad Bots and Site Rippers
* Protecting Web Application Forms from Spam Bots
o CAPTCHA
+ Advantages of CAPTCHA
o Anti-Spam Security Question
o Menu Option Matching
o Honeypot Spam Trap
o Input Length Regulation
* Guidelines to Protect Network from Bots
* Bot Detection Tool: BotHunter
* Cyber Clean Center
* Structure of Cyber Clean Center
Module 11: Secure SQL Server Programming
* Introduction
* SQL Server Security Model
o SQL Server Security Model: Login
* Creating an SQL Server Login
* Database User
* Guest User
* Permissions
* Database Engine Permissions Hierarchy
* Roles
o Public Role
o Predefined Roles
+ Fixed Server Roles
+ Fixed Database Roles
* User-Defined Roles
* Application roles
* Security Features of MS-SQL Server 2005
* Added Security Features in MS-SQL Server 2008
* SQL Server Security Vulnerabilities:
o Buffer Overflow in pwdencrypt()
o Extended Stored Procedures Contain Buffer Overflows
* SQL Injection Attacks
* Prevent SQL Injection Attacks
* Sqlninja:
o SQL Server Injection & Takeover Tool
o Finding Target
* Data Encryption
* Built-in Encryption Capabilities
* Encryption Keys
* Encryption Hierarchy
* Transact-SQL
* Create Symmetric Key in T-SQL
* Create Asymmetric Key in T-SQL
* Certificates
* Create Certificate in T-SQL
* SQL Server Security: Administrator Checklist
* Database Programming Best Practices
* SQL Server Installation:
o Authentication
o Authorization
* Best Practices for Database Authorization
* Auditing and Intrusion Detection
* Enabling Auditing
* Database Security Auditing Tools:
o AppDetectivePro
o NGSSquirrel
o AuditPro
Module 12: SQL Rootkits
* Rootkits
* SQL Server Rootkit
* Threats of SQL Rootkits
* Evolution of SQL Rootkits
* How a Rootkit Works
* SQL Server 2000
o Rootkit Attack on SQL Server 2000
o Screenshot: Password Tampering
* SQL Server 2005
o Step 1: Copy and attach the hidden resource database
o Step 2: Login via Dedicated Administrator Connection (DAC)
o Step 3: Alter the sys.server_principalsview Script
o Step 4: Introduce the Rootkit
* Detecting SQL Server Rootkits
* Rootkit Detection Tool
o DB Audit
o ApexSQL Audit
o Audit DB
o DbProtect
Module 13: Secure Application Testing
* Software Development Life Cycle (SDLC)
* Introduction to Testing
* Types of Testing
* White Box Testing
* Types of White Box Testing
* Dynamic White-Box Testing
* Integration Test
* Regression Testing
* System Testing
* Black Box Testing
* Load Testing
* Strategies For Load Testing
* Functional Testing
* Testing Steps
* Creating Test Strategy
* Creating Test Plan
* Creating Test Cases and Test Data
* Executing, Bug Fixing and Retesting
* Classic Testing Mistakes
* User Interface Errors
* Good User Interfaces
* Using Automatic Testing and Tools
* Generic Code Review Checklist
* Software Testing Best Practices
* Testing Tool:
o QEngine
o WinRunner
o LoadRunner
* Real Time Testing
Module 14: VMware Remote Recording and Debugging
* Remote Debugging
* Recording Debugging Process
* Security Issues in Remote Recording and Debugging
* The Eclipse Integrated Virtual Debugger
o Introduction
o Overview
o Eclipse Launch Configurations
o Setting Up the Eclipse Integrated Virtual Debugger Environment
o Managing Virtual Machine Launch Configurations
* Application Configurations to Start Applications in a Virtual Machine
o Steps to Create, Duplicate, or Edit a Launch Configuration to Start an Application in a Virtual Machine
* Application Configurations to Attach to Applications Running in a Virtual Machine
o Steps to Create, Duplicate, or Edit a Configuration that Attaches to a Running Application in a Virtual Machine
o Steps to Delete Configurations
o Running and Debugging Applications in Virtual Machines
o Steps to Start an Application Debugging Session in a Virtual Machine
o Steps to Start an Application in a Virtual Machine Without Debugging
o Steps to Attach the Debugger to an Application Running in a Virtual Machine
* Visual Studio Integrated Virtual Debugger
o Overview
o Configuration Options When Starting an Application in a Virtual Machine
o Configuration Options When Attaching to a Process Running in a Virtual Machine
o Setting Up the Visual Studio Integrated Virtual Debugger Environment
* Managing Virtual Machine Configurations
o Creating Configurations
o Setting Configuration Properties
o Setting Virtual Machine Properties
o Running and Debugging Applications in Virtual Machines
o Starting a Debugging Session in a Virtual Machine
o Starting a Session Without Debugging in a Virtual Machine
o Attaching the Debugger to a Process Running in a Virtual Machine
Module 15: Writing Secure Documentation and Error Messages
* Error Message
* Common Error Messages
* Error Messages: Categories
* Good Error Message
* Error Message in a Well-designed Application
* Good Error Message Example
* Miscommunication in Error Messages
* Error Message Usability Checklist
* Guidelines For Creating Effective Error Messages
* Best Practices while Designing Error Messages
* Error Messages: Examples
* Security Issues in an Error Message
* Security Precautions in Documentation
Module 16: Secure ASP Programming
* ASP- Introduction
* Improving ASP Design
* Using Server-Side Includes(SSI)
o Using Server Side Includes (SSI) with ASP
o Using Server-Side Includes: Example
o Using Server-Side Includes: Protecting the Contents of Include Files
* Taking Advantage of VBScript Classes
* Using Server.Execute
* Using Server.Transfer
* #include Directive
* .BAK Files on the Server
* Detecting Exceptions with Scripting Language Error-Handling Mechanisms
* Using VBScript to Detect an Error
* Using Jscript to Detect an Error
* Notifying the Support Team When an Error Occurs Using CheckForError
* Attacks on ASP
* Insufficient Validation of Fields in SQL queries
* ASP DypsAntiSpam: A CAPTCHA for ASP
* Preventing Automatic Submission With DypsAntiSpam
* CAPTCHA: Examples
* Using Database and ASP Sessions to Implement ASP Security
* Step 1: Create A User Database Table
* Step 2: Create And Configure The Virtual Directory
* Step 3: Create The Sample Pages
* Step 4: Add Validation Code To Pages
* Protecting ASP Pages
* Encoding ASP Code: Script Encoder
* Protecting Passwords of ASP Pages with a One-way Hash Function
* ASP Best Practices
* ASP Best Practices: Error Handling
Module 17: Secure PERL Programming
* Introduction: PERL
* Common Terminology
* Security Issues in Perl Scripts
* Basic User Input Vulnerabilities
* Overcoming Basic User Input Vulnerabilities
* Insecure Environmental Variables
* Algorithmic Complexity Attacks
* Perl: Taint, Strict, and Warnings
* Taint Mode
* How Does Taint Mode Work?
* Taint Checking
* Using Tainted Data
* Securing the Program Using Taint
* Strict Pragma
* Setuid Command
o Setuid Sample Code
o Authenticating the user with setuid
o Security bugs with Setuid
* The Perl crypt() Function
* Logging Into a Secure Web Site with Perl Script
* Secure Log-in Checklist
* Program for Secure Log-in
* Securing open() Function
* Unicodes
* Displaying Unicode As Text
Module 18: Secure XML, Web Services and AJAX Programming
* Web Application and Web Services
* Web Application Vulnerabilities
o Coding Errors
o Design Flaws
* XML- Introduction
* XSLT and XPath
* XML Signature
o Applying XML Signatures to Security
* An Enveloped, Enveloping and Detached XML Signature Simultaneously
* XML Encryption
o The abstract
* Security Considerations for the XML Encryption Syntax
* Canonicalization
* Validation Process in XML
* XML Web Services Security
* XML-aware Network Devices Expand Network Layer Security
* Security of URI in XML
* Security of Opaque Data in XML
* XML Web Services Security Best Practices
* XML Tools
o Stylus Studio® 2010 XML Enterprise Suite
o V-Sentry
o Vordel SOAPbox
* AJAX
o AJAX- Introduction
o Anatomy of an AJAX Interaction (Input Validation Example)
o AJAX: Security Issues
o How to Prevent AJAX Exploits
o Tool: HTML Guardian ™
o Tool: Sprajax- AJAX Security Scanner
o HP WebInspect Software
Module 19: Secure RPC, ActiveX and DCOM Programming
* RPC Introduction
* RPC Authentication
* RPC Authentication Protocol
* NULL Authentication
* UNIX Authentication
* Data Encryption Standard (DES) Authentication
o Data Encryption Standard (DES) Authentication on Server Side
* Diffie-Hellman Encryption
* Security Methods
* Security Support Provider Interface (SSPI)
* Security Support Providers (SSPs)
o Writing an Authenticated SSPI Client
o Writing an Authenticated SSPI Server
* Secure RPC Protocol
* RpcServerRegisterAuthInfo Prevents Unauthorized Users from Calling your Server
* RPC Programming Best Practices
* Make RPC Function Calls
o Making RPC Function Calls: Using Binding Handles
o Making RPC Function Calls: Binding Handles and Protocol Sequence
* Using Context Handles
* RPC and the Network
* Write a Secure RPC Client or Server
* ActiveX Programming: Introduction
* Preventing Repurposing
* SiteLock Template
o SiteLock Template: Implementation Guide for ATL Controls
* IObjectSafety Interface
* Code Signing
o Creating a Code Signing Certificate and Signing an ActiveX Component in Windows
* Protecting ActiveX Controls
* DCOM: Introduction
* Security in DCOM
* Application-Level Security
* Security by Configuration
* Programmatic Security
* Run As a Launching user
* Run As a Interactive User
* Run As a Specific User
* Security Problem on the Internet
* Security on the Internet
* Heap Overflow Vulnerability
* Workarounds for Heap Overflow Vulnerability
* Tool: DCOMbobulator
* DCOM Security Best Practices
Module 20: Secure Linux Programming
* Introduction
* Open Source and Security
* Linux – Basics
* Linux File Structure
* Basic Linux Commands
* Linux Networking Commands
* Linux Processes
* POSIX Capabilities
* UTF-8 Security Issues
* UTF-8 Legal Values
* Secure Linux Programming Advantages
o Security Audit
o Communication
o Encryption
o Identification and Authentication
o Security Management
* Requirements for Security Measure Assurance
* Enabling Source Address Verification
* Linux iptables and ipchains
* Code to save the ip6tables state
* Controlling Access by MAC Address
* Permitting SSH Access Only
* Network Access Control
* Layers of Security for Incoming Network Connections
* Prohibiting Root Logins on Terminal Devices
* Authentication Techniques
* Authorization Controls
* Running a Root Login Shell
* Protecting Outgoing Network Connections
* Logging in to a Remote Host
* Invoking Remote Programs
* Copying Remote Files
* Public-key Authentication between OpenSSH Client and Server
* Authenticating in Cron Jobs
* Protecting Files
* File Permissions
* Shared Directory
* Encrypting Files
* Listing the Keyring
* Signing Files
* Encrypting Directories
* POP/IMAP Mail Server
* Testing an SSL Mail Connection
* Securing POP/IMAP with SSL and Pine
* SMTP Server
* Testing and Monitoring
* Testing Login Passwords (John the Ripper)
* Testing Login Passwords (CrackLib)
* Testing Search Path
* Searching Filesystems Effectively
* Finding Setuid (or Setgid) Programs
* Securing Device Special Files
* Looking for Rootkits
* Tracing Processes
* Observing Network Traffic
* Detecting Insecure Network Protocols
* Detecting Intrusions with Snort
* Log Files (syslog)
* Testing a Syslog Configuration
* Logwatch Filter
* Structure Program Internals and Approach
* Minimize Privileges Sample Code
* Filter Cross-Site Malicious Content on Input
* Filter HTML/URIs that may be Re-Presented
* Avoid Buffer Overflow
* Language-Specific Issues:
o C/C++
o Sample Codes
o Perl
o Ada
o Java
o Tcl
o Tcl Sample Code
o PHP
* Linux Application Auditing Tool: grsecurity
Module 21: Secure Linux Kernel Programming
* Introduction
* Building a Linux Kernel
* Procedures to Follow Post-Build
* Linux Kernel Configuration Menu
* Compiling a Linux Kernel
Module 22: Secure Xcode Programming
* Introduction to Xcode
* Mac OS X applications
* Cocoa
* Carbon
* AppleScript
* Script Editor
* Script Window
* Common Data Security Architecture
* CDSA
* Secure Transport API Set and Cryptographic Service Provider (CSP)
* Creating SSL Certificate on Mac OS X Server
* Using SSL with the Web Server
* Setting up SSL for LDAP
* Protecting Security Information
* Security in Mac OS X
* Security Management Using System Preferences
* Authentication Methods
* Encrypted disk images
* Networking Security Standards
* Personal firewall
* Checklist of recommended steps required to secure Mac OS X
Module 23: Secure Oracle PL/SQL Programming
* Introduction: PL/SQL
* PL/SQL in Oracle Server
* Security Issues in Oracle
* SQL Injection Attacks
* Defending Against SQL Injection Attacks
* SQL Manipulation
* Code Injection Attack
* Function Call Injection Attack
* Buffer Overflow and Other Vulnerabilities
* DBMS_SQL in PL/SQL
* Protecting DBMS_SQL in PL/SQL
* Types of Database Vulnerabilities/ Attacks
* Establishing Security Policies
* Password Management Policy
o Password Management policy: Password History
* Auditing Policy
* Oracle Policy Manager
* Oracle Label Security (OLS)
* Create an Oracle Label Security Policy
o Step 1: Define the Policy
o Step 2: Define the Components of the Labels
o Step 3: Identify the Set of Valid Data Labels
o Step 4: Apply Policy to Tables and Schemas
o Step 5: Authorize Users
o Step 6: Create and Authorize Trusted Program Units (Optional)
o Step 7: Configure Auditing (Optional)
* Using Oracle Label Security with a Distributed Database
* Oracle Identity Management
* Security Tools
* Oracle Secure Backup Tool
* Obfuscation
* Obfuscation Sample Code
* Encryption Using DBMS_CRYPTO
* Advanced Security Option
* Row Level Security
* Oracle Database Vaults: Tool
* Auditing
* Auditing Methods
* Audit Options
* View Audit Trail
* Fine-Grained Auditing (FGA)
* Oracle Auditing Tools
* Testing PL/SQL Programs
* SQL Unit Testing Tools
o SPUnit
o TSQLUnit
o utPLSQL
* Steps to Use utPLSQL
Module 24: Secure Network Programming
* Basic Network Concepts:
o Network
o Protocols
o Client Server Model
* Basic Web Concepts
* Network Programming
* Benefits of Secure Network Programming
* Network Interface
* Securing Sockets:
o Server Program
o Client Program
* Ports
* UDP Datagram and Sockets
* Internet Address
* Connecting to secure websites
* URL Decoder
* Reading Directly from a URL
* Content Handler
* Cookie Policy
* RMI Connector
* .Net : Internet Authentication
* Network Scanning Tool: Security Manager Plus
* Network Programming Best Practices
Module 25: Windows Socket Programming
* Introduction to Windows Sockets
* Windows NT and Windows 2000 Sockets Architecture
* Socket Programming
* Client-Side Socket Programming
o The Socket Address Structure
+ The Socket Address Structure Code Analysis
* Initializing a Socket and Connecting
* Server-Side Socket Programming
* Creating a Server
* Winsock 2.0
* Winsock Linking Methods
* Starting a Winsock 2 API
* Accepting Connections:
o AcceptEx
* WinSock: TransmitFile and TransmitPackets
* Grabbing a Web Page Using Winsock
* Generic File – Grabbing Application
* Writing Client Applications
* TCP Client Application Sample Code
* Writing Server Applications
* TCP Server Application Sample Code
* Winsock Secure Socket Extensions
* WSADeleteSocketPeerTargetName
* WSAImpersonateSocketPeer
* WSAQuerySocketSecurity
* WSARevertImpersonation
* WSASetSocketPeerTargetName
* WSASetSocketSecurity Function
* SOCKET_SECURITY_SETTINGS
* Using WinSock to Execute a Web Attack
* Using Winsock to Execute a Remote Buffer Overflow
* MDACDos Application
Module 26: Writing Shellcodes
* Shellcode Introduction
* Shellcode Development Tools
* Remote Shellcode
* Port Binding Shellcode
* FreeBSD Port Binding Shellcode
* Clean Port Binding Shellcode
o Clean Port Binding Shellcode: sckcode
* Socket Descriptor Reuse Shellcode
o Socket Descriptor Reuse Shellcode in C
o Socket Descriptor Reuse Shellcode: Sample Code
* Local Shellcode
* execve
* Executing /bin/sh
* Byte Code
* setuid Shellcode
* chroot Shellcode
* Breaking of chroot jails in Traditional Way
* Breaking Out of Chroot Jails on Linux Kernels
* Windows Shellcode
* Shellcode Examples
* Steps to Execute Shell Code Assembly
* The Write System Call
* Linux Shellcode for “Hello, world!”
* The Write System Call in FreeBSD
* execve Shellcode in C
* FreeBSD execve jmp/call Style
* FreeBSD execve Push Style
* FreeBSD execve Push Style, Several Arguments
* Implementation of execve on Linux
* Linux Push execve Shellcode
* System Calls
* The Socket System Call
o The Socket System Call: Sample Code Analysis
* The Bind System Call
* The Listen System Call
* The Accept System Call
o The Accept System Call: Sample Code
* The dup2 System Calls
* The execve System Call
* Linux Port Binding Shellcode
* Compile, Print, and Test Shellcode
* Reverse Connection Shellcode
* Socket Reusing Shellcode
* Linux Implementation of Socket Reusing Shellcode
* Reusing File Descriptors
* Using the setuid Root
o Executing the setuid Program
o System calls used by the setuid Root program
* Using ltrace utility
* Using GDB
* Assembly Implementation
* SysCall Trace
* RW Shellcode
* Encoding Shellcode
* Decoder Implementation and Analysis
* Decoder Implementation Program
* Results of Implementation Program
* OS-Spanning Shellcode
* Assembly Creation
Module 27: Writing Exploits
* Introduction
* Targeting Vulnerabilities
* Remote and Local Exploits
* A Two-Stage Exploit
* Format String Attacks
o Example of a Vulnerable Program
* Using %n Character
* Fixing Format String Bugs
* User-Supplied Format String Vulnerability CVE-2000-0763 in xlockmore
* TCP/IP Vulnerabilities
* Race Conditions
* File Race Conditions
* Signal Race Conditions
* Input Validation Error in man Program
* Input Validation Error in man Program (Snippet 1)
* Input Validation Error in man Program (Snippet 2)
* Writing Exploits and Vulnerability Checking Programs
o Writing Exploits and Vulnerability Checking Programs Sample Code
* Stack Overflow Exploits
* Memory Organization
* Stack Overflows
* Finding Exploitable Stack Overflows in Open-Source Software
* Finding Exploitable Stack Overflows in Closed-Source Software
* Heap Corruption Exploits
* Doug Lea Malloc
* Dlmalloc Chunk
* Freed Dlmalloc Chunk
* Vulnerable Program Example
* Figures: Fake Chunk, Overwritten Chunk
* OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability CAN-2002-0656
* Exploitation
* Exploitation Sample Code
* The Complication
* Improving the Exploit
* Integer Bug Exploits
* Integer Wrapping
* Program: Addition-Based Integer Wrapping
* Multiplication-Based Integer Wrapping
* Bypassing Size Checks
o Unsigned Size Check Without Integer Wrapping
o Signed Size Check Without Integer Wrapping
* Using the Metasploit Framework
* Determining Attack Vector
* Finding the Offset: Overwriting the Return Address
* The First Attack String
* Overwriting EIP with a Known Pattern
* Selecting a Control Vector
* Finding a Return Address
* Selecting the Search Method in the Metasploit Opcode Database
* Search Method in Metasploit Opcode Database
* Using the Return Address:
o Inserting the Return Address
o Verifying Return Address Reliability
* Nop Sleds: Increasing Reliability with a Nop Sled
* Choosing a Payload and Encoder
o Listing Available Payloads
o Determining Payload Variables
o Generating the Payload
o msfencode Options
* List of Available Encoders
* Choosing a Payload and Encoder: msfencode Results
* msfweb Payload Generation
* Setting msfweb Payload Options
* msfweb Generated and Encoded Payload
* Integrating Exploits into Framework
Module 28: Programming Port Scanners and Hacking Tools
* Port Scanner
* Simple Port Scanners
o Prerequisites for Writing a Port Scanner
o Port Scanner in C++
o Port Scanner in C#
o Building a Simple Port Scanner in VC++
o Port Scanner in Java
o Example JavaScript Port Scanner
o Port Scanner in ASP.Net
o Port Scanner in Perl
o Port Scanner in PHP
o UDP Port Scanning in PHP
o UDP Port Scanner in XML
* libpcap
o Capturing Packets
* Packet Capturing Example
* Saving Captured Packets to a File
* The wiretap Library
* Adding a new file format to the wiretap library
* wtap Struct
* Creating a New Dissector
* Programming the Dissector
* Adding a tap Module
* Nessus Attack Scripting Language (NASL)
* Writing Personal-Use Tools in NASL
* Programming in the Nessus Framework
* Porting to and from NASL
o Porting to NASL
o Porting from NASL
* Metasploit Framework (MSF)
* msfweb Interface
* Selecting the Exploit Module
* msfconsole Interface
o Using msfconsole Interface
o Executing an Exploit using msfconsole
* msfcli Interface
o Using the msfcli Interface
* Updating the MSF
* Writing Basic Rules
* The Rule Header
* Rule Options
* Writing Advanced Rules: Perl-Compatible Regular Expressions (PCRE)
* Byte_test and Byte_jump Functions
* Optimizing Rules
* Testing Rules
* Writing Detection Plugins
* Netcat Source Code
Module 29: Secure Mobile phone and PDA Programming
* Mobile Phone Programming
* Different OS Structure in Mobile Phone
* Symbian Operating System
* Guidelines for Securing Symbian OS
* PalmOS
* PalmOS Vulnerabilities
* HotSync Vulnerability
* Creator ID Switching
* Windows Mobile
* Calling Secure Web Services
* Security Practices for Windows Mobile Programming
* Comparison of Common Programming Tasks
* PDA Programming
* PDA Security Issues
* Security Policies for PDAs
* PDA Security Products
* PDA Security Vendors
* Java Platform, Micro Edition (Java ME)
* Java ME Architecture
* Java ME Security Issues
* CLDC Security
* Mobile Information Device Profile (MIDP)
* MIDP Security
* Programming the BlackBerry With Java ME
* Security and Trust Services API (SATSA) for Java ME: The Security APIs
* Certificate Enrollment in SATSA
* Generating a Private Key and Certificate Signing Request in SATSA
* Verifying the CSR
* Storing a Certificate into the Certificate Local Store
* Data Integrity with Message Digests
* Generating a Message Digest
* Verifying a Message Digest
* Authentication With Digital Signatures
* Signing a byte Array for Authentication Purposes
* Verifying a Digital Signature using SATSA
* Data Confidentiality - Using Ciphers for Data Encryption
* Using Cipher to Encrypt Data using a Symmetric Encryption
* Using Cipher to Decrypt Data using a Symmetric Encryption
* Security Issues in Bluetooth
* Security Attacks in Bluetooth Devices
* Bluetooth security
* Bluetooth Security : Key Management
* Tool: Bluekey
* Tool: BlueWatch
* Tool: BlueSweep
* Tool: Bluediving
* Tool: Smartphone Security Client
* Tool: BlueFire Mobile Security Enterprise Edition
* Mobile Phone Security Tips
* Defending Cell Phones and PDAs Against Attack
* Antivirus Tools for Mobile Devices
* F-Secure Antivirus for Palm OS
Module 30: Secure Game Designing
* Game Designing Introduction
* Type of Games:
o Console Games
o Mobile Games
o Online Games
o Off-line Games
o Wii Games
* Threats to Online Gaming
* Threats to Online Gaming: Cheating
* Multimedia Fusion Screenshot
* Adventure Game Studio Screenshot
* Game Maker Screenshot
* FPS Creator Screenshot
* Stagecast Creator Screenshot
* RPG Maker XP Screenshot
* The Scrolling Game Development Kit
* Visual3D.NET Screenshot
* Game Engine
* Best Practices for Secure Game Designing
* Summary
Module 31: Securing E-Commerce Applications
* Purpose of Secure E-Commerce Application
* E-Business Concepts: Secure Electronic Transaction (SET)
* Using SET
* Secure Socket Layer (SSL)
* SSL Certificates
* VeriSign SSL Certificates
* Entrust SSL Certificates
* Digital Certificates
* Digital Signature
* Digital Signature Technology
* Digital Signature Algorithm:
o Signature Generation/Verification
o ECDSA, ElGamal Signature Scheme
* Guidelines for Developing Secure E-Commerce Applications
Module 32: Software Activation, Piracy Blocking and Automatic Updates
* Software Activation: Introduction
* Software Activation Process
* Process of Software Activation
* Software Activation: Advantages
* Activation Explained
* Online License Management Server
* Activation Policies
* Policy Control Parameters
* Piracy
* The Effects of piracy
* Piracy Blocking
* Digital Right Management (DRM)
* Software Piracy Protection Strategies
* Copy protection for DVD
* Application Framework –DVD Copy Protection System
* Content Protection During Digital Transmission
* Watermark System Design Issues
* Cost Effectiveness
* False Positives Rate
* Interaction with MPEG compression
* Detector Placement
* Copy Generation Management
* Tool: Crypkey
* EnTrial Key Generation
* EnTrial Distribution File
* EnTrial Product & Package Initialization Dialog
* Windows Automatic Updates
* Options for Setting up Windows Automatic Updates on XP
* Automatic Updates Option on AVG Antivirus
* Automatic Updates for Internet Explorer
* Automatic Updates for Mozilla Firefox
Module 33: PCI Compliance and Secure Programming
* What is PCI compliance
* PCI Data Security Standard
* PCI web application requirements
* OWASP top 10 vulnerabilities
* Avoiding Injection Flaws
* Avoiding XSS flaws
* Avoiding broken authentication and session management
* Avoiding insecure direct object references
* Avoiding CSRF flaws
* Avoiding security misconfiguration
* Avoiding URL access control flaws
* Avoiding unvalidated redirects and forwards
* Avoiding insecure cryptographic storage
* Avoiding insufficient transport layer protection
0 التعليقات:
إرسال تعليق