Orange Cyberdefense Trainings - Web Application Hacking

Mon Oct 19 2020 at 09:00 am to Tue Oct 20 2020 at 05:00 pm
Arrow Education Services, 2nd Floor, London, United Kingdom

Arrow Education Services, 2nd Floor, London, United Kingdom

Created By:
Spread the word
***Ticket information: please note the course price includes VAT***

This course will teach you how to analyse web applications for vulnerabilities and exploit them.

SensePost has been conducting penetration tests against web applications for nearly two decades and has distilled its approach into this course. Providing a thorough and scientific approach, techniques to maximise coverage of an application will be taught.Whether you're a developer looking to better understand how to defend your applications or a penetration tester looking to enhance your web application bug hunting, this course is for you.This course is highly practical, with over 22 different practical exercises. You'll learn how to hand exploit numerous common web vulnerabilities, and understand the theory behind them. You will be better able to help developers prevent these classes of attacks in their applications. We aim to teach you the trade not just the tricks, and while tools are covered and help, you will be taught how to exploit many of these vulnerabilities by hand.No equipment other than a web browser is needed. We make use of a fully cloud-based and individual virtual training lab meaning no interference from other students, a robust and safe practise environment, and time to experiment throughout.


------------------------------------------------------------------------Key Takeaways:

- A general approach and methodology for hacking web applications- A good understanding of the tools and techniques for examining web applications- Practical and practiced skills (there are a lot of pracs in this course)

------------------------------------------------------------------------Some of the topics covered:

Introduction to web technologies

Understanding the protocols that power the web and getting comfortable with how they look on the wire as well as intercepting and modifying them.

Cookies and Session Management

Understanding how sessions work in applications, and how cookies can be manipulated.

Introduction to Web Vulnerabilities

Theory on what a vulnerability is and an introduction to the OWASP Top 10

Client and Server Side Attacks

Understanding web architectures, and the threat models associated with them as well as several client and server-side vulnerabilities and related exploits.

Indirect Object References

Identifying and exploiting poor authorisations controls.

Brute forcing for restricted data.

Path traversal

Exploiting path traversal vulnerabilities and bypass restrictions.

Insecure file upload & file inclusion

Introductions to web shells and code execution attacks.

XSS/CSRF & DOM Injections & Cache Attacks

Manipulating the DOM with various attacks

The impact of CDNs and different browser headers

SQL & Command Injection attacks

Understanding data store and operating system setups and how to exploit and explore them

Java Deserialisation

Exploiting deserialisation vulnerabilities with ysoserial

APIs, Microservices & Widgets

Working with APIs, common formats, tools and vulnerabilities

Web Assembly Vulnerabilities

Understanding wasm

New attack surface exposed by wasm

Please note, refreshments and lunches included on both days.

------------------------------------------------------------------------ promotes public events for free and helps event organizers connect with nonprofits to attract more participants like you.

Additionally, the iCause Global Foundation enables good people to fund great causes around the world. Together, our impacts are limitless!

Created By:
Spread the word

More Events in london

Global ETFs Insights Summit - London 2020

The Waldorf Hilton , Aldwych, London, United Kingdom

Mon Oct 19 2020

Online: London One Week Art Therapy Foundation Course

BAAT - The British Association of Art Therapists , British Association of Art Therapists 24-27 White Lion Street, London, United Kingdom

Mon Oct 19 2020

Minute Taking – A Practical Guide (London Venue)

Pitman Training London , Salisbury House, London, United Kingdom

Mon Oct 19 2020

TB Mantoux and BCG Immunisations - London (19.10.2020)

Kimpton Fitzroy London Hotel , 1-8 Russell Square, London, United Kingdom

Mon Oct 19 2020
View all events in London