Secnic Certified Software Security practitioner suite (SCSSPS)

This course, Secnic Certified Software Security practitioner suite (SCSSPS), teaches developers how to exploit (hack) and defend against various attacks on programming languages. The course is built around the OWASP Top10, a common standard used in the design, architecture and testing of web applications.

The course contains video/audio lectures. It covers theory on programming (exploit, defence). It also has demos of exploitation and defence. It gives students practical insight into coding web applications in PHP securely.

We recommend that students study the course over a period of 15 days and attempt the test at the end of the period. We also recommend that students study other resource material available on the web in various forums, including the official OWASP site.

The course is organized by the Top 10, from A1 to A10. Each OWASP Top10 session is ordered as presentation, exploitation, defence.

Any developer, programming in any language, should take this course. Secure software developers are preferred by organizations across the globe.

What are the requirements?

  • Basic programming in .NET, PHP, JAVA, PYTHON, RUBY
  • Web programming language

What am I going to get from this course?

  • More than 66 lectures and 4 hours of content!
  • Learn how to hack and write secure code
  • Learn the OWASP Top10 methodology A1 – A10
  • Apply the above OWASP Top10 methodology to any programming

Who is the target audience?

  • Software engineers who code in .NET, PHP, JAVA, PYTHON, RUBY
  • Design engineers and architects who design or architect web-based projects
  • Security analysts and functional analysts who test web-based projects

Section 1: Injection (A1) – OWASP Top10
Lecture 1: Injection – OWASP Top10 (A1) – Presentation
Lecture 2: Blind SQL Injection Presentation
Lecture 3: SQLI
Lecture 4: Time based SQLI
Lecture 5: Union Exploitation Technique
Lecture 6: SQL Injection Union – Demo – Exploitation
Lecture 7: Preventing SQLI
Lecture 8: SQL Injection Login Bypass – Demo
Lecture 9: SQL Injection – Demo – Defense
Section 2: Injection (A1) – Command Injection
Lecture 10: Command Injection Presentation
Lecture 11: Command Injection – Demo
Lecture 12: Command Injection Prevention – Demo
Section 3: Injection (A1) – XML & XPath Injection
Lecture 13: XML & XPath Injection Presentation
Lecture 14: XPath Injection – Demo
Lecture 15: XPath Injection Prevention – Demo
Section 4: Injection (A1) – PHP Code Injection
Lecture 16: PHP Code Injection Presentation
Lecture 17: PHP Code Injection Demo
Lecture 18: PHP Code Injection Prevention
Section 5: Injection (A1) – PHP Object Injection
Lecture 19: PHP Object Injection Presentation
Lecture 20: PHP Object Injection Demo 1
Lecture 21: PHP Object Injection Demo 2
Lecture 22: PHP Object Injection Prevention
Section 6: Injection (A1) – SSI Injection
Lecture 23: SSI Injection Presentation
Lecture 24: SSI Injection Demo
Lecture 25: SSI Injection Prevention
Section 7: Injection (A1) – LDAP Injection
Lecture 26: LDAP Injection Presentation
Section 8: Injection (A1) – HTML Injection
Lecture 27: HTML Injection Presentation
Lecture 28: HTML Injection Demo
Section 9: Broken Authentication and Session Management (A2) – OWASP Top10
Lecture 29: Broken Authentication and Session Management – OWASP Top10 (A2) – Presentation
Lecture 30: Broken Authentication and Session Management – Demo – Exploit
Lecture 31: Defense Demo
Section 10: Cross-Site Scripting (XSS) – A3 – OWASP Top10
Lecture 32: Cross Site Scripting (XSS) – Introduction
Lecture 33: Cross Site Scripting – Reflected
Lecture 34: Cross Site Scripting – Demo – Reflected – Get
Lecture 35: Cross Site Scripting (XSS) – Demo – Reflected – Post
Lecture 36: Cross Site Scripting (XSS) Stored – Presentation
Lecture 37: Cross Site Scripting (XSS) – Demo – Stored
Section 11: Cross Site Scripting – A3 – Defense
Lecture 38: Cross-Site Scripting (XSS) – OWASP Top10 – Presentation – Defence
Lecture 39: Cross-Site Scripting (XSS) – Filters
Lecture 40: Cross Site Scripting (XSS) – HTTP Flag
Lecture 41: Cross Site Scripting – Demo – Modsecurity
Section 12: Insecure Direct Object References – A4 – OWASP Top10
Lecture 42: Insecure Direct Object Reference – OWASP Top10 – A4 – Presentation
Lecture 43: Insecure Direct Object Reference – Demo – Exploitation
Lecture 44: Insecure Direct Object Reference – Demo – Defense
Section 13: Security Misconfiguration – A5 – OWASP Top10
Lecture 45: Security Misconfiguration – OWASP Top10 – A5 – Presentation
Lecture 46: Security Misconfiguration – Demo – Exploit
Lecture 47: Security Misconfiguration – Demo – Defense
Section 14: Sensitive Data Exposure – A6 – OWASP Top10
Lecture 48: Sensitive Data Exposure – OWASP Top10 – A6 – Presentation
Lecture 49: Sensitive Data Exposure – A6 – Demo – Exploit
Lecture 50: Sensitive Data Exposure – A6 – Demo – Defense
Section 15: Missing Function Level Access Control – A7 – OWASP Top10
Lecture 51: Missing Function Level Access Control – OWASP Top10 – A7 – Presentation
Lecture 52: Missing Function Level Access Control – Demo – Exploitation (1)
Lecture 53: Missing Function Level Access Control – Demo – Exploitation (2)
Lecture 54: Missing Function Level Access Control – Demo – Defence
Section 16: Cross-Site Request Forgery (CSRF) – A8 – OWASP Top10
Lecture 55: Cross-Site Request Forgery (CSRF) – OWASP Top10 – A8 – Presentation
Lecture 56: Cross-Site Request Forgery (CSRF) – OWASP Top10 – A8 – Defense Presentation
Lecture 57: CSRF – Demo – Get Exploit
Lecture 58: CSRF – Demo – Get Defence
Lecture 59: CSRF – Demo – Post Exploit
Lecture 60: CSRF – Demo – Post Defence
Section 17: Using Components with Known Vulnerabilities – A9 – OWASP Top10
Lecture 61: Using Components with Known Vulnerabilities – OWASP Top10 – A9 – Presentation
Lecture 62: Using Components with Known Vulnerabilities – A9 – Demo
Section 18: Unvalidated Redirects and Forwards – A10 – OWASP Top10
Lecture 63: Unvalidated Redirects and Forwards – OWASP Top10 – A10 – Presentation
Lecture 64: Unvalidated Redirects and Forwards – OWASP Top10 – A10 – Presentation Defense
Lecture 65: Unvalidated Redirects and Forwards – Demo – Exploit
Lecture 66: Unvalidated Redirects and Forwards – Demo – Defense
Section 19: Certification