Advanced Web Hacking

+ alv./VAT

Pahoittelemme mutta tiedossa ei ole seuraavia kurssipäiviä.
Ole hyvä ja ole yhteydessä myyntiin: 020 7776 670 tai


For IT security professionals, staying up-to-date with the latest vulnerabilities and exploits is a real challenge. Knowing a vulnerability from a high level perspective is not enough. A good security professional must be able to demonstrate the impact of the vulnerability.

To bridge the gap between understanding a vulnerability and to be able to fully exploit it. We have designed a fully hands-on course. During the 3-day course, attendees will be granted access to a state-of-art Hacklab and will be asked to enumerate, assess, exploit and then post exploit vulnerabilities within the Hacklab.


Individuals taking the Advanced Web Hacking course will experience hands-on practical content that is extremely current and taught at the world's top conference stages. The course was written to address the need in the market for high-end training in the field of web platforms; inspired by daily on-site Penetration Testing and training in the community / conferences. The course enable students to practice topics such as exploit chaining, post-exploitation, combining low risk vulnerabilities to obtain high impact outcomes.


The course examines and hacks a wealth of modern vulnerabilities aka (XXE Injection, OOB exploitation, Business logic flaws etc). All labs are virtualised and there are dedicated VMs for each student. The full description is on our website.
Advanced Web Hacking course will familiarise you with a wealth of hacking techniques for common operating systems, networking devices and everything else in between. The CTF is ideal for those preparing for CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications and those who perform Penetration Testing on web platforms as a day job and want to take their skills to different level.

This course will be suyitable for delegates Interested in the SANS Institute course SEC542: Web App Penetration Testing and Ethical Hacking


Introduction to Web Applications

  • Design Flaws
  • Authentication
  • Authorization
  • Session Management
  • Logical Flaws
  • Web Server Misconfiguration
  • Application Server Misconfiguration
  • HTTP Methods
  • SSL and MITM attacks

Cross Site Issues

  • Cross Site Scripting
  • Cross Site Request Forgery
  • Session Fixation
  • Flash and Cross Domain Issues

Server Side Issues

  • SQL Injection
  • LDAP Injection
  • XPATH Injection
  • XXE Injection
  • File Uploads
  • Server Side Includes
  • File Inclusion
  • Direct Object Reference
  • OS Code Execution


Prior hands-on experience of common hacking/enumeration tools such as Sqlmap, burp etc., is recommended for the class. QA Certified Ethical Hacker (CEH) certification is strongly recommended as a pre-requisite to this advanced hacking course.

The Advanced Web Hacking course audience includes:

  • Penetration Testers and Security Researchers.
  • CSIRT & Red Team professionals.
  • Security Operations Centre (SOC) analysts
  • Security/System/Network architects.
  • Information Security Professionals.


Paikkoja jäljellä:
Ei paikkarajoitusta
3920,00  + alv./VAT