Web application hacking – OWASP Top 10

Web application hacking is two-day training focused on common web application vulnerabilities from penetration tester and developer perspective. The group training is designed for 8 persons.

The training reflects structure of OWASP Top 10 report. We are going to identify each vulnerability, exploit it and discuss a security impact.

Students get hands-on experience with testing tools Burp Suite, DirBuster, SQLmap and netcat. Each student also obtains a study material in electronic form (PDF) in order to refresh skills or practice later in VPN – Extended labs.

Prerequisites

  • bring and prepare your laptop, see technical requirements
  • OS Linux user knowledge
  • understanding of TCP/IP protocols, especially HTTP
  • basic understanding of SQL

Course detail

  • A1: Injection (SQL & OS command injection)
  • A2: Broken Authentication and Session Management
  • A3: Cross-Site Scripting (XSS)
  • A4: Insecure Direct Object References
  • A5: Security Misconfiguration
  • A6: Sensitive Data Exposure
  • A7: Missing Function Level Access Control
  • A8: Cross-Site Request Forgery (CSRF)
  • A9: Using Known Vulnerable Components
  • A10: Unvalidated Redirects and Forwards
  • Unrestricted upload vulnerability
  • Local and remote file inclusion vulnerability
  • Log on bruteforce attack

This course is intended for ...

  • Security analyst

  • Security manager

  • Penetration tester

  • Application security specialist

  • Security monitoring specialist

  • System administrator

  • Tester

  • Developer

from 05. 06. 2019
to 06. 06. 2019
(09:00-17:00 hod)

Praha
(Show on map)

2 days

13 200 CZK
incl. VAT

Order course

from 12. 06. 2019
to 13. 06. 2019
(09:00-17:00 hod)

Hradec Králové
(Show on map)

2 days

13 200 CZK
incl. VAT

Order course
Term Place Course duration Price

from 05. 06. 2019
to 06. 06. 2019
(09:00-17:00 hod)

Praha
(Show on map)

2 days

13 200 CZK
incl. VAT

Order course

from 12. 06. 2019
to 13. 06. 2019
(09:00-17:00 hod)

Hradec Králové
(Show on map)

2 days

13 200 CZK
incl. VAT

Order course

Kamil Krbec

Web application hacking – OWASP Top 10

Realy nice introduction into web application security, practical usage of tools.

Hynek Hladík

Web application hacking – OWASP Top 10

I appreciate very much live demonstrations of OWASP TOP 10 together with hacking tools which help to identify web app weaknesses.

Jan Černý

Web application hacking – OWASP Top 10

Practical examples you can try immediately mixed up with theory. I recommend the training.

Web application hacking – OWASP Top 10

successfully added to cart.

cart
×

Blog

Contacts

WABANK – OWASP Top 10 testing

WABANK is deliberately vulnerable web application for security testing according OWASP Top 10 report. Application is free for non commercial usage only.      …

Read more

Kali linux – keep your tools up-to-date

There is lot of hacking tools available in Kali linux but early or late every package becomes older. What we can do with that? In…

Read more

Firewallking (en)

This is an english version of firewalking the rest is in czech

Kontakty

+420 739 639 132

Petr Juhaňák
V Poli 547
517 71 České Meziříčí
Czech Republic

IČO 01259041