GB
/
GBP
/
EN

Check Point HackingPoint™ Advanced Web Hacking PenTesting Expert CCPM - HP-AWH

WGAC-CKP-HP-AWH

Check Point

Description

Show Tabs
Introduction

This fastpaced class gives attendees an insight into advanced AppSec topics. The class curriculum is split into two: 3 days of Server Side Flaws. 2 days of Client Side Flaws

Prerequisites & Audience

Check Point HackingPoint™ Web Hacking

Some knowledge of HTML and JavaScript is required, but rookies and experts will be equally satisfied with the class. HTML is a living standard, and so is this class.

Course Benefits

HackingPoint is a new Global Education program for security experts (customers, partners, or network admins) to help master all types of Pen Testing techniques and Cyber Security practices

The goal of this program is to give security experts in-depth understanding of how to better protect the corporate network and resources
World-class trainers and Pen-testing experts in the field (BlackHat & Check Point RnD trainers) provide students deep knowledge in cutting-edge Cyber Security threats
Course Topics

Server Side Flaws (3 days)

These vulnerabilities affect well-known software/websites and span across multiple
technologies, such as .NET framework to Node.js applications. We selected vulnerabilities that
typically go undetected by modern scanners, or have less-known exploitation techniques

SQL Injection

  • 2nd order injection
  • NoSQL injection
  • Out-of-Band exploitation
  • WAF bypass techniques

XXE Injection

  • Blind XXE injection
  • Case Study of recent XXE bugs
  • XXE to Code Execution

Serialization Flaws

  • PHP object injection
  • Java serialization flaws
  • Case study of recent serialization flaws

HTTP Parameter Pollution (HPP)

  • Detecting HPP in application
  • Case study of recent HPP bugs

Business Logic Flaws

  • WAF bypass techniques
  • Mass assignment bugs
  • OS code injection
  • Crypto attacks

Client Side Flaws (2 days)

These classes focus on offensive attacks and dangerous parts of HTML, JavaScript, and related technologies, the nasty and
undocumented stuff. There are dozens of new attack techniques straight from the laboratory of horrors of those
maintaining the HTML5 Security Cheat Sheet. We will learn how to attack any Web application— either with unknown
legacy features or the half-baked results coming to your browser from the labs of W3C, WHATWG and the ES6 mailing lists.
Whether you want to attack modern web applications or shiny browser extensions and Chrome Packaged Apps, we have
that covered.

  • Client Side flaws (basics)
  • HTTP / Encoding
  • Character sets
  • CSRF and detail
  • Cross Site-Scripting
  • DOM clobbering SOP Bypasses
  • Drag&Drop / Copy&Paste
  • DOMXSS
  • HTML5 Attacks & Vectors
  • SVG
  • XML
  • Mutation XSS / mXSS
  • Scriptless Attacks
  • Filter Bypasses
  • Optimizing your payload
  • Legacy Features

Check Point courses


Check Point Endpoint Specialist - CCES
CODE: WGAC-CKP-CCES
Check Point DevSecOps - CCPA
CODE: WGAC-CKP-DevSecOps
Check Point Automation Specialist R80.20 - CCAS
CODE: WGAC-CKP-CCAS-R8X
Check Point Certified VSX Specialist - CCVS
CODE: WGAC-CKP-CCVS
Check Point Certified MultiDomain Management Specialist -CCMS
CODE: WGAC-CKP-CCMS
Check Point Certified Security Expert R80.40 - CCSE
CODE: WGAC-CKP-CCSE-R8X
Check Point Certified Maestro Expert - CME
CODE: WGAC-CKP-CME
Check Point Certified Troubleshooting Administrator - CCTA
CODE: WGAC-CKP-CCTA
CKP AppSec for Developers - CCPE
CODE: WGAC-CKP-AppSecDev
Check Point HackingPoint™ 101 - HP-101
CODE: WGAC-CKP-HP-101
Check Point Certified Cloud Specialist - CCCS
CODE: WGAC-CKP-CCCS
Check Point Certified Troubleshooting Expert - CCTE
CODE: WGAC-CKP-CCTE
Check Point HackingPoint™ Web Hacking - HP-WH
CODE: WGAC-CKP-HP-WH
Check Point HackingPoint™ Advanced Infrastrucure Hacking PenTesting Expert CCPM - HP-AIH
CODE: WGAC-CKP-HP-AIH
Check Point Certified Security Admin R80.40 - CCSA
CODE: WGAC-CKP-CCSA-R8X
Check Point HackingPoint™ Advanced Web Hacking PenTesting Expert CCPM - HP-AWH
CODE: WGAC-CKP-HP-AWH
Check Point HackingPoint™ Infrastrucure Hacking PenTesting Expert CCPE - HP-IH
CODE: WGAC-CKP-HP-IH
Check Point HackingPoint™ Malware Analysis Fundamentals - HP-MAF
CODE: WGAC-CKP-HP-MAF
This website uses cookies to ensure you get the best experience on our website.