Seminarkatalog

• Modul 1: Advanced Web Application Penetration Testing
• Modul 2: Advanced SQL Injection (SQLi)
• Modul 3: Reflected, Stored and DOM-based Cross Site Scripting (XSS)
• Modul 4: Cross Site Request Forgery (CSRF) – GET and POST Methods
• Modul 5: Server-Side Request Forgery (SSRF)
• Modul 6: Security Misconfigurations
• Modul 7: Directory Browsing/Bruteforcing
• Modul 8: CMS Vulnerability Scanning
• Modul 9: Network Scanning
• Modul 10: Auth Bypass
• Modul 11: Web App Enumeration
• Modul 12: Dictionary Attack
• Modul 13: Insecure Direct Object Reference Prevention (IDOR)
• Modul 14: Broken Access Control
• Modul 15: Local File Inclusion (LFI)
• Modul 16: Remote File Inclusion (RFI)
• Modul 17: Arbitrary File Download
• Modul 18: Arbitrary File Upload
• Modul 19: Using Components with Known Vulnerabilities
• Modul 20: Command Injection
• Modul 21: Remote Code Execution
• Modul 22: File Tampering
• Modul 23: Privilege Escalation
• Modul 24: Log Poisoning
• Modul 25: Weak SSL Ciphers
• Modul 26: Cookie Modification
• Modul 27: Source Code Analysis
• Modul 28: HTTP Header modification
• Modul 29: Session Fixation
• Modul 30: Clickjacking

• Gute SQL und HTTP Kenntnisse
• HTML, CSS und JavaScript Grundkenntnisse

• Mitarbeiter
• Experte

Die EDC-Business Computing GmbH ist zur Durchführung dieses EC-Council Kurses autorisiert.

F