Navigation
SEARCH
TOOLBOX
LANGUAGES
modified on 9 June 2010 at 18:05 ••• 1,775 views

Training Course/Black-Box & White-Box ASP.NET Security Reviews using the OWASP O2 Platform

From

Jump to: navigation, search

Contents

(note: this is commercial (i.e. paid for) training event, and is NOT delivered or connected with the OWASP Foundation)

Course Details

Black-Box & White-Box ASP.NET Security Reviews using the OWASP O2 Platform

This is a hands-on Training course on how to use the OWASP O2 Platform to perform both Black-Box and White-Box security reviews on ASP.NET Web Applications

The course is designed for security consultants/developers who are responsible for performing Penetration Tests or Security Code Reviews. The course will show practical examples of how to use the OWASP O2 Platform to find, exploit and document security vulnerabities.

For the course's labs, a number of test and real-world applications/frameworks will be used. In order to give the students a benign test enviroment which is easy to replicate, the (vulnerable-by-design) HacmeBank ASP.NET banking application will be used throughout the course.

Course Curriculum:

  • What is the OWASP O2 Platform and how to use it?
  • Using O2's Unit Tests for web exploration and browsing
  • Using O2's Unit Tests for web exploitation
  • Understanding and using O2's Web Automation Tools to find and exploit vulnerabilities in HacmeBank (Black-Box)
  • Understanding and using O2's AST .NET Scanner to find vulnerabilities in HacmeBank (White-Box)
  • Connecting the source-code traces with the web exploits to create a unified view of the vulnerabilties
  • Create 'Vulnerability-driven Unit Tests' to be delivered to Developers, QA/Testers and Managers
  • Customizing and writing new APIs (for new or modified frameworks)
  • Using O2 to consume results from open source tools and 3rd party commercial vendors
  • Case Study: Microsoft ASP.NET MVC
  • Case Study: Microsoft Sharpoint

Trainner

The course is delivered by Dinis Cruz who the lead developer of the OWASP O2 Platform and has created and delivered a number of .NET Security training courses

Dates, Location and Cost

  • Date(s): Jun 18th (Fri) and Jun 25th (Fri)
  • Location: Central London (close to Victoria Station)
  • Cost: £200.00

Registration

To register for the course use this ONLINE FORM


Related Course

Retrieved from "http://www.o2platform.com/wiki/Training_Course/Black-Box_%26_White-Box_ASP.NET_Security_Reviews_using_the_OWASP_O2_Platform"
MediaWiki Appliance - Powered by TurnKey Linux