Advanced web hacking

Catégorie : Gestion des risques, Technique et réseau

Durée : 3 jours

Lieu de la formation : Maison de la Chimie

Détails de la formation

This class teaches the audience a wealth of hacking techniques to compromise modern-day web applications, APIs and associated end-points. This class focuses on specific areas of appsec and on advanced vulnerability identification and exploitation techniques. The class allows attendees to learn and practice some neat, new and ridiculous hacks which affected real-life products and have found a mention in real bug-bounty programs.

The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known.

Attendees will also benefit from a state-of-art Hacklab and we will be providing FREE 30 days lab access after the class to allow attendees more practice time.

Some of the highlights of the class include:

Modern JWT, SAML, OAuth bugs
Core business logic issues
Practical cryptographic flaws.
RCE via Serialisation, Object, OGNL and template injection.
Exploitation over DNS channels
Advanced SSRF, HPP, XXE and SQLi topics.
Serverless exploits
Web Caching issues
Attack chaining and real-life examples.

Lien vers la description de la formation : https://hackinparis.com/trainings/#training-2020-advanced-web-hacking-3-day

Niveau souhaité : Confirmé

Fonction souhaitée : Web developers, SOC analysts, intermediate level penetration testers, DevOps engineers, network engineers, security architects, security enthusiasts and anyone who wants to take their skills to the next level.

Conditions

Prix de la formation : 2150 HT

Informations complémentaires

Détail des supports remis au participant : https://hackinparis.com/trainings/#training-2020-advanced-web-hacking-3-day

En intra : non En inter : non

Conditions repas et hébergement : Repas inclus