Reversing Web Applications

Offered By: LASCON via YouTube

Course Description

Overview

Explore the intricacies of reverse engineering web applications in this 50-minute conference talk from LASCON 2011. Delve into testing guidelines, information gathering techniques, and the assessment phase. Examine various web development concepts including page controllers, query strings, Ruby, and front controllers. Analyze URL rewrite patterns and technology intersections to understand application behavior. Learn about psychoanalysis techniques, encoding types, and complex data structures in web applications. Discover how to interpret source code, exceptions, and timing patterns. Gain valuable insights on testing tips, asking the right questions, and removing metadata to enhance your web application security assessment skills.

Syllabus

Intro
What is reverse engineering
Testing guidelines
Assessment phase 1
Information gathering
Boyd's Loop
Caveats
Web Developers
Compositions
Active Testing
Page Controller
Query Strings
Ruby
Front Controller
Compare and Contrast
URL Rewrite Patterns
Download Disqus
Technology Intersecting
Why Does This Matter
Understanding Behavior
Psychoanalysis
Where did you go
How did it get there
Encoding
Types
Complex Types
Source Code
Exceptions
Timing
Failure Patterns
Testing Tips
Asking Questions
Removing Metadata


Taught by

LASCON
