Logo
NewsCase StudiesContactWhere are you? UK 🌐

EC-Council CAST® — Advanced Application Security®

Code: castaas

Logo

What you'll learn

The EC-Council Centre of Advanced Security Training has arrived at Firebrand Training. This three-day Advanced Application Security course is intensive, and focuses on combating attacks by improving your code-writing.

You will learn how to attack applications on the web, off-the-shelf binary applications and runtimes such as .NET, Java and Adobe AIR. This all takes place on a Virtual Machine, which you keep after the course.

Warning: This is not a beginner’s course. You'll spend 50% of the course in hands-on coding labs, so you must have some programming experience. The course is right for you if you're an: application developer, software programmer or pen tester.

Learn how to use these tools and techniques:

  • SSL compelled certificate injection
  • SSL renegotiation
  • CRL libraries
  • SQL root kits
  • XSS
  • 'Fuzzing' (most programmers aren't aware of this, but your code should be fuzzed!)

Note: this course doesn't include an exam, but you'll become Advanced Application Security certified.

9x Accredited Training Centre of the Year

Accredited Training Centre of the Year

Firebrand Training has again won the EC-Council Accredited Training Centre of the Year Award, from a Training Partner network that has more than 700 training centres across 107 countries. This extends a record-breaking run of successive awards to nine years.

Jay Bavisi, President of EC-Council said: “The annual EC-Council Awards highlights the commitment and achievements of our global partners and trainers that have contributed to the information security community.”

Curriculum

19 modules

Module 1: Advanced Fuzzing Technology

  • Making the application "hiccup"

Module 2: Programming to defend against Attacking from the outside (Over the Web)

  • XSS on Steroids
  • XSRF ‚Äì The newest Dangers
  • Click Jacking
  • Filter, Filter, Filter
  • Learn New Techniques for Sanitizing input that actually work!
  • The Bank Robber in the Vault Scenario

Module 3: Programming to defend against Attacking From the Inside – Binary Bypassing Antivirus

  • Packing Binaries
  • Crypting Binaries

Module 4: Programming to defend against Attacking From the Same LAN, vLan or Network Segment

  • Arp Cache Poison
  • DNS Poison and Redirection techniques
  • Route Table Poisoning

Module 5: Programming techniques to defend against MiTM attacks of all kinds

  • MITM techniques
  • Quick Overview of Popular Tools
  • Programmers Risk Sheet Checklist!

Module 6: Programming to defend against Cryptographic Errors

  • SSL ‚Äì The ugly truth. How it can help and hurt you and how to properly use Libraries to ensure your protected
  • Don‚Äôt let the User make Security Decisions

Module 7: SQL- DataBase RootKits

  • Ask the Database a question (Query)
  • But receive back what the attacker wants you to receive back.

Appendix: Handy Definitions and Examples Checklist with Examples for Programmers for each Attack and Weakness.

Prerequisites

Warning: This is not a beginner’s course. You'll spend 50% of the course in hands-on coding labs, so you must have some programming experience. The course is right for you if you're an: application developer, software programmer or pen tester.

You must be familiar with IT security best practices, and have a good understanding of programming logic and common web technologies, as well as binary applications:

  • Basic Windows administration for servers and workstations
  • Basic Linux/NIX system administration skill
  • Basic command line proficiency on both Windows and NIX systems

Course Dates

Sorry, there are currently no dates available for this course. Please submit an enquiry and one of our team will contact you about potential future dates or alternative options.

FAQs

4 question

Yes, we do provide courses suitable for beginners. However, Firebrand's accelerated courses aren't easy and it's essential that you are interested and actively pursuing a career in IT.

Traditional training providers usually run their courses from 9am to 5pm. At Firebrand Training we maximise the number of learning hours to minimise the number of training days, so you’ll be back to your job as quickly as possible. You don’t waste time travelling to several courses and finding an exam centre after that.

Firebrand's accelerated courses are constantly reviewed. We ask our delegates for feedback after every course. We are official partners with leading vendors and therefore, we're provided with certification changes and updates, which we can then implement in our course delivery at a very early stage. This feedback is then analysed in view of changes or discrepancies. We will then address the topics mentioned and have a panel of subject matter experts provide us with valuable suggestions for improvement and solutions.

If you need to learn new skills and you want to be able to put them into practice quickly, then Firebrand is the right training company for you.

Our unique accelerated training method means that we are your fastest way to learn. By delivering training for up to 12 hours per day, seven days per week, with exam centres on-site, we ensure that you are trained and certified quicker than anywhere else, having spent less time out of the office away from the day job.

Can't find the answer you're looking for?

Our expert learning advisors are ready to help. Whether you need course recommendations, have technical queries, or want to discuss your learning goals, we're just a message away.

Related courses

All EC-Council Courses
Logo

Train your team

Since 2001 we've trained 134,561 employees from thousands of large and small organisations, saving them more than one million hours in training time.

Learn More