Skip to main content
ben_sadeghipour_def_con_training
ben_sadeghipour_def_con_training

Ben Sadeghipour - An Adversarial Approach To Web Application Hacking €3,800 $4,200

$4,200.00

DEFCON Training:

An Adversarial Approach To Web Application Hacking

Overview:

An Adversarial Approach To Web Application Hacking is a complete web hacking course to not only help students learn the basics of web application hacking, but to also allow them to develop their own methodology. 

Throughout this course, we will provide you labs based on real world vulnerabilities discovered by us in organizations such as Airbnb, Apple, Amazon, Snapchat, Yahoo and more.  In this course not only we’ll show you how to exploit vulnerabilities, but we will also show you techniques to exfiltrate data, escarole access, as well as show impact of each vulnerability type.

Here are some free examples of some of the content you may learn from this training:

Blind XSS Walkthrough - https://www.youtube.com/watch?v=MjtMLbRw0lI
I hacked a prison: https://www.youtube.com/watch?v=wssXMwFxAVo&t=4s
I hacked a casino: https://www.youtube.com/watch?v=2eIDxVrk4a8


Course Material:

After completing this training you will be familiar with:

Basics of Web Application Hacking
Burp Suite Basics 
Open Redirect
Cross Site Scripting (Blind, Stored, Reflected)
Cross Site Request forgery (CSRF)
Local file Read & Path Traversal
SQL Injection
Server-Side Request Forgery (SSRF)
Insecure Direct Object Reference (IDOR)
Privilege Escalation
Testing for file uploads
XML external entity (XXE)
Remote Command / Code Execution
Weak or default credentials
API Hacking
Reconnaissance 
Asset Discovery
Content Discovery 
OSINT Recon
Creating and maintaining word lists
Information gathering
Google Dorking
Looking for leaked credentials 
Advanced Shodan Techniques 
Technologies with Known Exploits


Technical difficulty:
Beginner to intermediate

Suggested Prerequisites:
While this training will offer and cover the foundations of web application hacking, it is highly suggested that students have a solid foundation in web application technologies and in web development.

HTTP Basics:
https://developer.mozilla.org/en-US/docs/Web/HTTP

How to set up burp suite:
https://portswigger.net/burp/documentation/desktop/getting-started/download-and-install

Understanding DNS:
https://www.cloudflare.com/learning/dns/what-is-dns

 

DATE: April 22nd-25th 2024
TIME: 8am to 5pm
VENUE: Holiday Inn Express, Canal De La Villette, Paris
TRAINER: Ben Sadeghipour
- 32 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included

-VAT included in the price

Payment via wire is accepted.

Wire Instructions:

SWIFT/BIC code:  WFBIUS6S
Bank Name:  Wells Fargo Bank
Bank Address:  420 Montgomery San Francisco, CA 94104
Account Name: Def Con Communications Inc
Routing number: 121000248
Account number: 2019560081

You'll receive confirmation within 1 business day.


Registration terms and conditions:

Trainings are refundable before March 10th, the processing fee is €230.

Trainings are non-refundable after March 17th, 2024.

Training tickets may be transferred. Please email us for specifics.

Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.

By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.