This course aims to teach delegates the various tools, techniques and procedures for identifying and researching vulnerabilities in open and closed source applications which often go undetected by vulnerability scanners.
This course is aimed at security professionals, penetration testers, researchers, developers and anyone who wishes to learn how to identify and research unknown vulnerabilities in both web and system applications.
Experience with command line Linux is advantageous however it is not essential as the instructor will guide the delegates through each task.
Module 1 - Application analysis
This module helps delegates understand the ways in which inputs in applications can be identified using online resources, static analysis and tools such as interception proxies, packet analysis tools and debuggers.
This module covers the following subjects:
Module 2 - Finding applications for vulnerabilities
This module helps delegates understand the various methods and techniques for testing applications for unknown vulnerabilities after analysing applications.
This module covers the following subjects:
Learning outcomes
Delegates will be able to understand the process and methods used to analyse applications for unknown vulnerabilities. Delegates will gain experience analysing both open and closed source applications using various tools and techniques allowing them to identify potential inputs to applications and test those inputs for vulnerabilities.