This class familiarises the attendees with a wealth of tools and techniques needed to breach the security of web applications. The class starts from the very basics, and gradually builds up to a level where attendees can not only use the tools and techniques to hack various components involved in Web Application hacking, but also walk away with a solid understanding of the concepts on which these tools are based. The class also covers the industry standards such as OWASP Top 10, PCI DSS and contains numerous real life examples to help the attendees understand the true impact of these vulnerabilities.
Introduction into Web Application hacking.
Practical in focus, teaching how web application security flaws are discovered.
Covers leading industry standards and approaches.
Builds the foundation to progress your knowledge and move into more advanced Web Application topics.
Information Gathering, Profiling and Cross-Site Scripting
Understanding HTTP Protocol
Identifying the Attack Surface
Issues with SSL/TLS
Cross-Site Request Forgery
Injection, Flaws, Files and Hacks
OS Code Injection
Local/Remote File Include
Business Logic Flaws
Insecure File Uploads
Who should take this class?
System Administrators, Web Developers, SOC analysts, Penetration Testers, network engineers, security enthusiasts and anyone who wants to take their skills to the next level.