Course Description

EC-Council Certified Secure Programmer lays the basic foundation required by all application developers and development organizations to produce applications with greater stability and posing lesser security risks to the consumer. The Certified Secure Application Developer standardizes the knowledge base for application development by incorporating the best practices followed by experienced experts in the various domains.

The distinguishing aspect of ECSP is that unlike vendor or domain specific certifications, it exposes the aspirant to various programming languages from a security perspective. This drives greater appreciation for the platform / architecture / language one specializes on as well as an overview on related ones.


Who Should Attend
 The ECSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with .NET/Java Framework. It is designed for developers who have C#, C++, Java, PHP, ASP, .NET and SQL development skills.
 

Prerequisites
 You must have programming fundamental knowledge.


Duration:
5 days (9:00 – 5:00)

Certification
The ECSP 312-92 exam will be conducted on the last day of training. Students need to pass the online Prometric exam to receive the ECSP certification. 

Course Outline v2

Module I: Introduction to Secure Coding

§  Software Security Scenario

§  Secure Coding

§  Common Security Mistakes

§  Why Security Mistakes Are Made

§  Need for Secure Programming

§  Building Blocks of Software Security

§  Types of Security Vulnerabilities

§  Vulnerability Cycle

§  Types of Attacks

§  Hackers and Crackers or Attackers

§  Risk Assessment and Threat Modeling

§  STRIDE Threat Model

§  Common Criteria

§  Security Architecture

§  Security Principles

§  Secure Development Checklists

§  Use of Privilege

o    Data, Configuration, and Temporary Files

o    Network Port Use

o    Audit Logs

o    User-Server Authentication

 

Module II: Designing Secure Architecture

  • Introduction
  • Secure Architecture
  • Application Security
  • Factors Affecting Application Security
  • Software Engineering and System Development Life Cycle (SDLC)
  • Different Phases of Software Development Life Cycle

o    System Requirements

o    Specifications

o    Design

o    Coding

o    Testing

o    Integration Testing

o    Maintenance

  • Software Methodology Models
    • Waterfall Model
    • RAD (Rapid Application Development)
    • JAD (Joint Application Development)
    • Fountain Model
    • Spiral Model
    • Build and Fix
    • Synchronize-and-Stabilize
  • Agile Methodologies
  • Extreme Programming (XP)
    • XP Practices
    • The Rules and Practices of Extreme Programming
  • Unified Modeling Language (UML)
    • Primary Goals
    • Diagram
    • UML Tool

·   Rational Rose

  • Vulnerabilities and Other Security Issues in a Software Application

o    Security Through Obscurity

o    Buffer Overflows

o    Format String Vulnerabilities/ Race Conditions

o    Locking Problems

o    Exception Handling

o    Fundamentals of Control Granularity

o    Concepts Of Fail Safe Design Strategies

o    Fail Safe Design Strategies

·         Fault Tolerance and Detection

·         Fault Removal and Avoidance

o    Input and Parameter Validation

o    Encrypting Secrets in Memory and  Storage

o    Scrubbing Information

o    Privilege Levels for Information Access

o    Loose Coupling

o    High Cohesion

o    Change Management and Version Control

  • Best Practices for Software Development Projects

 

Module III: Cryptography

§  Introduction to Cryptography

o    Encryption

o    Decryption

§  Use of Cryptography

§  Classical Cryptographic Techniques

§  Modern Cryptographic Techniques

§  Cipher

§  RSA (Rivest Shamir Adleman)

o    Example of RSA Algorithm

o    RSA Attacks

o    RSA Challenge

o    Implementation of RSA in C++

§  Data Encryption Standard (DES)

o    DES Overview

o    Implementation of DES in Java

§  RC4, RC5, RC6, Blowfish

o    RC5

§  Blowfish Algorithm in C

§  Message Digest Functions

o    One-way Bash Functions

o    MD5

o    Implementation of MD5 in Java

§  SHA (Secure Hash Algorithm)

o    SHA Implementation in Java

§  SSL (Secure Sockets Layer)

§  What is SSH?

o    SSH (Secure Shell)

§  Algorithms and Security

§  Disk Encryption

§  Government Access to Keys (GAK)

§  Digital Signature

o    Components of a Digital Signature

o    Method of Digital Signature Technology

o    Use of Digital Signature

o    Digital Signature Standard

o    Digital Signature Algorithm: Signature Generation/Verification

o    Digital Signature Algorithms: ECDSA, ElGamal Signature Scheme

o    Challenges and Opportunities

§  Digital Certificates

o    Creating and Verifying a Simple XML Digital Signature in C#

o    Cleversafe Grid Builder http://www.cleversafe.com/

§  PGP (Pretty Good Privacy)

§  CypherCalc

§  Command Line Scriptor

§  CryptoHeaven

§  Cryptanalysis

§  Cryptography Attacks

§  Brute-Force Attack

§  Use Of Cryptography

 

Module IV: Buffer Overflows

  • Buffer Overflows
  • Reasons for Buffer Overflow Attacks
  • Why are Programs/Applications Vulnerable?
  • Understanding Stacks
  • Understanding Heaps
  • Types of Buffer Overflows: Stack-based Buffer Overflow
    • A Simple Uncontrolled Overflow of the Stack
    • Stack Based Buffer Overflows
  • Types of Buffer Overflows: Heap-based Buffer Overflow
    • Heap Memory Buffer Overflow Bug
    • Heap-based Buffer Overflow
  • How to Detect Buffer Overflows in a Program
    • Attacking a Real Program
  • Defense Against Buffer Overflows

o    Tool to Defend Buffer Overflow: Return Address Defender (RAD)

o    Tool to Defend Buffer Overflow: StackGuard

o    Tool to Defend Buffer Overflow: Immunix System

o    Vulnerability Search – ICAT

o    Valgrind

o    Insure++

  • Buffer Overflow Protection Solution: Libsafe
    • Comparing Functions of libc and Libsafe
  • Simple Buffer Overflow in C
    • Code Analysis

 

Module V: Secure C and C++ Programming

  • Introduction of C/C++
  • Vulnerable C/C++ Functions

o    Strcpy()

o    Strncat()

o    Strncpy()

o    Sprintf()

o    Gets()

  • C/C++ Vulnerabilities

o    Buffer Overflow

·         Strings

·         Countermeasures

·         Integer Vulnerabilities

·         Truncation

·         Sign Error

·         Countermeasures

o    Pointer Subterfuge

o    Dynamic Memory Management

o    Stack Smashing

o    GCC Extension to Protect Stack-Smashing Attacks

o    Heap-Based Buffer Overflow

o    Off By One/Five Errors

o    Double Free Vulnerability

  • Secure Memory Allocation Tips
  • Symmetric Encryption
    • Symmetric Encryption in C++
  • Blowfish Algorithm in C
  • Public Key Cryptography
    • Public Key Cryptography in C++
  • Networking
    • Creating an SSL Client in C++
    • Creating an SSL Server
  • Random Number Generation Problem
  • Anti-Tampering

o    Anti-Tampering Techniques

  • Erasing Data from Memory Securely using C/C++
  • Preventing Memory From Being Paged to Disk
  • Using Variable Arguments Properly
  • Signal Handling
  • Encapsulation in C++
  • Best Practices for Input Validation
  • Code Profiling And Memory Debugging Tool: Val grind

 

Module VI: Secure Java and JSP Programming

§  Introduction to Java

§  JVM

§  Java Security

§  Sandbox Model

§  Security Issues with Java

o    SQL Injection Attack

·         SQL Injection using UNION

·         Preventive Measures for SQL Injection

o    URL Tampering

o    Denial-of-Service (DoS) Attack on Applet

·         Sample Code for DoS Attack

·         DoS by Opening Untrusted Windows

·         Preventing DOS Attacks

o    .Class File Format

o    Byte Code Attack

o    Reverse Engineering/ Decompilation by Mocha

o    Obfuscation Tools: Jmangle

o    Cinnabar Canner

§  Byte Code Verifier

§  Class Loader

o    Building a SimpleClassLoader

§  Security Manager

§  jarsigner - JAR Signing and Verification Tool

§  Signing an Applet Using RSA-Signed Certificates

o    Signing Tools

o    Getting RSA Certificates

o    Bundling Java Applets as JAR Files

o    Signing Java Applets Using Jarsigner

o    Signing Java Applets Using Netscape Signing Tool

§  Security Extensions

o    Java Authentication and Authorization Service (JAAS)

o    Java Cryptographic Extension (JCE)

o    Java Cryptography Architecture

o    JCE: Pseudo Code for Encryption

o    JCE: Pseudo Code for Decryption

o    Sample Code for Encryption and Decryption

o    Java(TM) Secure Socket Extension (JSSE)

§  Creating Secure Client Sockets