Bug Hunting Tools and Techniques
Book Now - 1 Delivery Method Available:Classroom Virtual Classroom Private Group - Virtual Self-Paced Online
This course aims to teach delegates the various tools, techniques and procedures for identifying and researching vulnerabilities in open and closed source applications which often go undetected by vulnerability scanners.
- The limitations of generic vulnerability scanners
- The different types of vulnerabilities
- How to find and use relevant documentation useful to testing
- How to identify inputs in applications for testing
- How to review source code for vulnerabilities
- How to use debuggers and disassemblers to identify possible vulnerabilities
- How to use interception proxies
- How to use packet analysis tools
- How to test inputs using educated guess work
- How to fuzz applications for vulnerabilities
This course is aimed at security professionals, penetration testers, researchers, developers and anyone who wishes to learn how to identify and research unknown vulnerabilities in both web and system applications.
We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.
Module 1 - Application analysis (4 topics)
- How to use online resources to identify useful information for testing
- How to identify inputs to applications
- How to perform static analysis of source code
- How to analyse applications using open source tools
Module 2 - Finding applications for vulnerabilities (4 topics)
- How to test applications for vulnerabilities using educated guess work
- How to test web applications using ZAP
- How to fuzz web applications for vulnerabilities
- How to fuzz system applications for vulnerabilities
Experience with command line Linux is advantageous however it is not essential as the instructor will guide the delegates through each task.