Web Hacking

This class familiarises the attendees with a wealth of tools and techniques needed to breach the security of web applications. The class starts from the very basics, and gradually builds up to a level where attendees can not only use the tools and techniques to hack various components involved in Web Application hacking, but also walk away with a solid understanding of the concepts on which these tools are based. The class also covers the industry standards such as OWASP Top 10, PCI DSS and contains numerous real life examples to help the attendees understand the true impact of these vulnerabilities.

Features:

• Introduction into Web Application hacking.

• Practical in focus, teaching how web application security flaws are discovered.

• Covers leading industry standards and approaches.

• Builds the foundation to progress your knowledge and move into more advanced Web Application topics.

Day 1:

• Information Gathering, Profiling and Cross-Site Scripting

• Understanding HTTP Protocol

• Identifying the Attack Surface

• Username Enumeration

• Information Disclosure

• Issues with SSL/TLS

• Cross-Site Scripting

• Cross-Site Request Forgery

Day 2:

• Injection, Flaws, Files and Hacks

• SQL Injection

• XXE Attacks

• OS Code Injection

• Local/Remote File Include

• Cryptographic Weakness

• Business Logic Flaws

• Insecure File Uploads

Who should take this class?

System Administrators, Web Developers, SOC analysts, Penetration Testers, network engineers, security enthusiasts and anyone who wants to take their skills to the next level.