Skip to main content
    CONTACT

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
    ben_sadeghipour_def_con_training
    ben_sadeghipour_def_con_training

    Ben Sadeghipour - An Adversarial Approach To Web Application Hacking €3,800 $4,200

    Paris 2024
    $4,200.00

    DEFCON Training:

    An Adversarial Approach To Web Application Hacking

    Overview:

    An Adversarial Approach To Web Application Hacking is a complete web hacking course to not only help students learn the basics of web application hacking, but to also allow them to develop their own methodology. 

    Throughout this course, we will provide you labs based on real world vulnerabilities discovered by us in organizations such as Airbnb, Apple, Amazon, Snapchat, Yahoo and more.  In this course not only we’ll show you how to exploit vulnerabilities, but we will also show you techniques to exfiltrate data, escarole access, as well as show impact of each vulnerability type.

    Here are some free examples of some of the content you may learn from this training:

    Blind XSS Walkthrough - https://www.youtube.com/watch?v=MjtMLbRw0lI
    I hacked a prison: https://www.youtube.com/watch?v=wssXMwFxAVo&t=4s
    I hacked a casino: https://www.youtube.com/watch?v=2eIDxVrk4a8


    Course Material:

    After completing this training you will be familiar with:

    Basics of Web Application Hacking
    Burp Suite Basics 
    Open Redirect
    Cross Site Scripting (Blind, Stored, Reflected)
    Cross Site Request forgery (CSRF)
    Local file Read & Path Traversal
    SQL Injection
    Server-Side Request Forgery (SSRF)
    Insecure Direct Object Reference (IDOR)
    Privilege Escalation
    Testing for file uploads
    XML external entity (XXE)
    Remote Command / Code Execution
    Weak or default credentials
    API Hacking
    Reconnaissance 
    Asset Discovery
    Content Discovery 
    OSINT Recon
    Creating and maintaining word lists
    Information gathering
    Google Dorking
    Looking for leaked credentials 
    Advanced Shodan Techniques 
    Technologies with Known Exploits


    Technical difficulty:
    Beginner to intermediate

    Suggested Prerequisites:
    While this training will offer and cover the foundations of web application hacking, it is highly suggested that students have a solid foundation in web application technologies and in web development.

    HTTP Basics:
    https://developer.mozilla.org/en-US/docs/Web/HTTP

    How to set up burp suite:
    https://portswigger.net/burp/documentation/desktop/getting-started/download-and-install

    Understanding DNS:
    https://www.cloudflare.com/learning/dns/what-is-dns

     

    DATE: November 11th-14th 2024
    TIME: 8am to 5pm
    VENUE: Holiday Inn Express, Canal De La Villette, Paris
    TRAINER: Ben Sadeghipour
    - 32 hours of training with a certificate of completion.
    - 2 coffee breaks are provided per day
    - Note: Food is not included

    -VAT included in the price

    Payment via wire is accepted.

    Wire Instructions:

    SWIFT/BIC code:  WFBIUS6S
    Bank Name:  Wells Fargo Bank
    Bank Address:  420 Montgomery San Francisco, CA 94104
    Account Name: Def Con Communications Inc
    Routing number: 121000248
    Account number: 2019560081

    You'll receive confirmation within 1 business day.


    Registration terms and conditions:

    Trainings are refundable before September 15th, the processing fee is €230.

    Trainings are non-refundable after October 1st, 2024.

    Training tickets may be transferred. Please email us for specifics.

    Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.

    By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.

    DEF CON Communications, inc.

    1100 Bellevue way NE

    8A-85

    Bellevue, WA 98004

    Powered by Shopify