3 Day Developer Edition Practical Web Application Pentest Training w/ Tim Tomes

https://a248.e.akamai.net/secure.meetupstatic.com/photos/event/4/8/8/1/600_455238561.jpeg

Please note: We closed RSVPs here at Meetup.com, as RSVP'ing "yes" here does NOT sign you up. You must instead ==> SIGN UP HERE (https://www.regonline.com/registration/Checkin.aspx?EventID=1890259) <==

The Developer Edition contains the same content as the original PWAPT course (Standard Edition), but adds a full day of code remediation lecture and exercises. The code remediation content includes discussions on the proper techniques for mitigating vulnerabilities, and exercises where the instructor and students will modify the application's source code to implement mitigating controls and test them for effectiveness.

This course provides customized training on the latest open source tools and manual techniques for performing end-to-end web application penetration testing engagements. After a quick overview of the penetration testing methodology, the instructor will lead students through the process of testing and exploiting a target web application using the techniques and approaches developed from a career of real world application penetration testing experiences. Students will be introduced to the best open source tools currently available for the specific steps of the methodology, including Burp Suite Pro, and taught how to integrate these tools with manual testing techniques to maximize effectiveness. A major goal of this course is teaching students the glue that brings the tools and techniques together to successfully perform a web application penetration test from beginning to end, an oversight in most web application penetration testing courses.

The majority of the course will be spent performing an instructor led, hands-on web application penetration test against a target application built specifically for this class using a modern technology stack (Python Flask) and including real vulnerabilities as encountered in the wild. No old-school vanilla PHP stuff here folks. Students won’t be given overly simplistic steps to execute independently. Rather, at each stage of the test, the instructor will present the goals that each testing task is to accomplish and perform the penetration test in front of the class while students do it on their own machine. Primary emphasis of these instructor led exercises will be placed on how to integrate the tools with manual testing procedures to improve the overall work flow. This experience will help students gain the confidence and knowledge necessary to perform web application penetration tests as an application security professional.

More information is at:

http://www.lanmaster53.com/training/