This fast-paced class gives attendees an insight into advanced AppSec topics. The class curriculum is split into two parts: 3 days of Server Side Flaws and 2 days of Client Side Flaws.
You will have access to:
- State-of-the-art hacklab with relevant tools and VMs
- A dedicated Kali VM for each attendee
- A hacking lab for 30 days after completion of the course. Scripts and tools are provided during the training, along with student hand-outs.
If you work on the security of modern web applications, you will benefit from this class. This is not a beginner class. To gain the maximum value from the topics being explored, attendees should have a strong understanding of the OWASP top 10 issues. The class does not cover all AppSec topics and focuses only on advanced identification and exploitation techniques of vulnerabilities.
Learn hacking techniques that compromise web apps, APIs, and associated end-points. The class focuses on server-side flaws. The vulnerabilities we present usually go undetected by modern scanners.
SAML / OAUTH 2.0 / AUTH-0 / JWT Attacks
- Token hijacking attacks
- SQL column truncation attack
- Logical bypass / Boundary conditions
Password reset attacks
- JW token brute-force attacks
- SAML authentication and authorization bypass
- XXE through SAML
- Advanced XXE exploitation over OOB channels
- Cookie swap
- Host header validation bypass
- Case study of popular password reset fails
Business logic flaws / Authorization flaws
- Known plaintext attack (faulty password reset)
- Path traversal using Padding Oracle
- Hash length extension attacks
- Mass assignment
- Invite / promo code bypass
- Replay attack
Remote Code Execution (RCE)
- 2nd order injection
- Out-of-band exploitation
- SQLi through crypto
- NoSQL injection
- OS code exec via PowerShell
- Advanced topics in SQLi
Server-Side Request Forgery (SSRF)
- Java serialization attack
- Node.js RCE
- PHP object injection
- RCE through XXE (with blind XXE)
- RCE through XSLT
- Rails remote code execution
- Ruby / ERB template injection
- Exploiting code injection over OOB channel
Unrestricted file upload
- SSRF to query internal networks
- SSRF to code exec
- Malicious file extensions
- Circumventing file validation checks
- Web shells for modern platforms
- HTTP parameter pollution (HPP)
- XXE in file parsing
- Collection of weird and wonderful XSS and CSRF attacks
- Combining client-side and server-side attacks to steal internal secrets
- B33r 101