Join us for a journey through the web exploitation universe. Get your hands dirty completing one of SensePost’s most practical courses. Understand how to exploit web vulnerabilities through the use of tools and doing manual exploitation.
Come join us and hack hard!
SensePost has been conducting penetration tests against web applications for nearly two decades and has distilled its approach into this course. SensePost is the specialist pen testing arm of Orange Cyberdefense.
The training will provide a thorough and scientific approach along with techniques to maximise coverage of an application. It is in a highly practical format, with over 20 different practical exercises. You’ll learn how to hand exploit numerous common web vulnerabilities, and understand the theory behind them. You will be better able to help developers prevent these classes of attacks in their applications. We aim to teach you the trade not just the tricks, and while tools are covered and help, you will be taught how to exploit many of these vulnerabilities by hand.
• Introduction to Web Technologies. • Cookies and Session Management. • Introduction to Web Vulnerabilities. • Client and Server Side Attacks. • Indirect Object References. • Path traversal. • Insecure file upload and file inclusion. • XSS/CSRF, DOM Injections and Cache Attacks. • SQL Injection. • Java Deserialisation. • APIs, Microservices and Widgets. • WebAssembly Vulnerabilities. Join us and hack the webs!