Cursos

Advanced Web Hacking

1,125.00 +Iva

Dias: 3
Duração: 18 horas
Próxima Data: 02/11/2020 a 04/11/2020
Área: Cibersegurança
Certificação Associada: N/A
Local: Lisboa e Porto

*Curso disponível em Live Training

Quero inscrever-me
REF: NSSAWH Categoria: Etiqueta:

Descrição

Much like the advanced infrastructure hacking training class, this class talks about a wealth of hacking techniques to compromise web applications, APIs and associated end-points. This class focuses on specific areas of app-sec and on advanced vulnerability identification and exploitation techniques (especially server side flaws). The class allows attendees to practice some neat, new and ridiculous hacks which affected real-life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known. Attendees can also benefit from a state-of-art Hacklab and we can provide 30 days lab access after the class, to allow attendees more practice time.

Destinatários

• Web Developers , SOC Analysts who wonder types of attacks
Penetration Testers use to find flaws in the applications
• Entry/Intermediate level Penetration Testers who want to
know; what’s next? What are the advanced level attacks
through which they can exploit vulnerabilities?
• Network Engineers, Security Architects, enthusiasts who want
to stay updated with the latests trends in Web application
Hacks
• Any technical person having a basic knowledge of how web
applications work

Programa

Module 1: Attacking Conventional and Modern Authentication
Schemes (SAML, JWT. Token Hijacking attacks and more)
Module 2: Password Reset Attacks
Module 3: Business Logic Flaws / Authorization flaws
Module 4: XML External Entity (XXE) Attacks
Module 5: Breaking Crypto
Module 6: Deserialization Attacks on multiple web technologies
Module 7: SQL Injection Attacks
Module 8: Unrestricted File Upload
Module 9: Server-Side Request Forgery (SSRF)
Module 10: Attacking cloud providers
Module 11: Attacking Hardened Content Management System
Module 12: Miscellaneous Topics

Pré-requisitos

The requirement for this class is that you bring your own
laptop with at least 4 GB RAM and 20 GB of free disk space and
have admin/root access, along with the capability to run Kali
Linux Image from Virtual Box. Familiarity with Burp Suite will be
beneficial for this class.

Outras datas

18/01/2021 a 20/01/2021

01/03/2021 a 03/03/2021