Past Meetups (1)

What we're about

OVERVIEW

This course familiarizes the attendees with a wealth of tools and techniques needed to breach the security of web applications.

Our two day training is geared towards new hackers with limited knowledge of vulnerabilities, bug bounties, penetration testing, etc.

The course also covers the industry standards such as OWASP Top 10, PCI DSS and contain numerous real life examples to help the attendees understand the true impact of these vulnerabilities.

WHY YOU SHOULD ATTEND

We start from very basics so that everyone will be starting from same page.

You will learn the approach of web application testing, we will teach methodology to test web application.

We will teach you how to prepare a professional grade penetration testing report.

We will provide one full month online support after training is completed, we will have weekly skype session to review assignments and clarify any doubts

Finally we made our training affordable for everyone by charging very less and providing more.

COURSE OUTLINE:

Day 1:

Understanding the Basics of HTTP protocol

How to use BurpSuite Free Edition Effectively.

Identifying the attack surfaces using BurpSuite

Information gathering using tools like ; Nmap, Curl, Nikto & dirb.

Authentication Flaws & Authorization Bypass.

Tools & Techniques for Exploiting SQL Injection.

Day 2:

Insecure Direct Object Reference.

Cross Site Scripting (XSS) Stored & Reflected.

Cross Site Request Forgery (CSRF).

Insecure File Uploads & RCE.

SOAP & REST Web Services Testing.

Writing an effective Web Application Pentest Report.

WHAT STUDENTS WILL BE PROVIDED WITH

All the students will be provided with a custom Virtual Machine & lots of assignments with challenges to solve.

As this is a fast-paced course, attendees will be granted with free 30 days online support via weekly Skype sessions to review

assignments and to clarify any doubts on concepts taught during the class.

Offcourse we do have complimentary lunch on both days for all the participants.

WHO SHOULD TAKE THE COURSE

Entry Level / Intermediate level penetration testers, SOC analysts, security enthusiasts and anyone who wants to take their

skills to next level.

WHAT ATTENDEES SHOULD BRING

Students must bring their own laptop and should have admin/root access on it.

The laptop should have at least 4 GB RAM, 20GB of free disk space with working wireless connection and a working copy of

VirtualBox 5.1.14 or above with VirtualBox Extension packs installed in it.

ABOUT TRAINERS

Praveen Kumar K, OSCP | Professional Profile | LinkedIn
Arun S | Professional Profile | LinkedIn

Members (169)