Source Incite's Full Stack Web Attack
Full Stack Web Attack is not an entry-level course. It’s designed to push you beyond what you thought was possible and set you on the path to develop your own workflow for offensive zero-day Web research. Many Web application testers and bounty hunters are focused on attacking Web applications via a blackbox approach. However, given today’s Web technology landscape, code is getting more abstracted, frameworks are being added and complexity is on the rise and as such, so are the vulnerabilities. Old techniques are being replaced with new Web attack research which is limited to a handful of world renowned experts.
To tackle this, security experts need to take a white box approach. Blackbox testing is no longer an effective approach, particularly if you want to find critical unauthenticated remote code execution vulnerabilities. In this course, several vulnerabilities will be revealed which would have been impossible to discover or exploit without access to the source code.
Classes are limited. Get registered!
The technology stacks of web applications today are becoming increasingly complex. In order to discover deep vulnerability patterns and exploit primitives, analysis of the underlying source code is required. This course is designed for focused pen testers, red teamers and developers that want to move beyond blackbox penetration testing to find and exploit high impact server-side vulnerabilities.
Learn the following key skills:
Columbia, MD (East Coast) San Francisco, CA (West Coast)
This course is developed for web penetration testers, bug hunters and developers that want to make a switch to server-side web security research or see how serious adversaries will attack their web based code.
A laptop with: A 64bit Host operating system 16 Gb RAM minimum VMWare Workstation/Fusion 100 GB Hard disk free minimum Wired and Wireless network support USB 3.0 support
Students must have the following knowledge and skills:
Why choose the Center for Cyber Security Training
Interactive, classroom-based learning
Subject matter experts
Trusted by US government agencies
It was very inspiring to see your strategy, way of thinking and searching through code. That is even more valuable than the vulnerabilities themselves. It was possibly one of the most challenging trainings, I took, in a good way.
Want more information?
Download the Full Stack Web Attacks course outline now.
Upcoming Training Sessions
San Francisco, CA. - December 1-4, 2020
Classes are limited.
Our classroom delivers the most in-demand content from the highest profile subject matter experts. Intense and interactive, our courses prepare students with actionable insight and proven strategies.
Black Belt Pentesting / Bug Hunting Millionaire
Modern Web applications are complex and it’s all about full-stack these days. That’s why you need to dive into full-stack exploitation if you want to master Web attacks and maximize your payouts. Say ‘No’ to classical Web application hacking. Join this unique hands-on training and become a full-stack exploitation master.