
DEF CON Training
Web Hacking Bootcamp - Orange Cyberdefense $2,600
Name of training:
Web Hacking Bootcamp
Trainer(s) bio:
SensePost, an elite ethical hacking team of Orange Cyberdefense, have been training internationally since 2002. We pride ourselves on ensuring our content, our training environment and trainers are all epic in every way possible. The trainers you will meet are working penetration testers, responsible for numerous tools, talks and 0day releases. This provides you with real experiences from the field along with actual practitioners who will be able to support you in a wide range of real-world security discussions. We have years of experience building environments and labs tailored for learning; after all, education is at the core of SensePost and Orange Cyberdefense.
Trainer(s) social media links:
@sensepost_train
@sensepost
@orangecyberdef
Have you taught this training before? Where and when?
A version of this course has been presented at BlackHat in 2022.
This course was adjusted in 2023 to be a jam-packed, bootcamp-style delivery, going from zero to hero in two days.
Do you have links to sites that promoted your past training so we can better understand how you presented it to the public?
Here are the 2022 web course details: https://www.blackhat.com/us-22/training/schedule/#applied-web-application-hacking---2-days-25715
Class Description:
Most organizations utilize web applications. Due to the exposed nature of web applications and the complex business logic they contain, they are a valuable target for attackers. Throughout this course, focus will be placed on the various vulnerabilities that could affect web applications.
This course will teach you how to analyze web applications for vulnerabilities and how to exploit them, in order to improve your understanding of their inner workings and the associated risks.
Practical exposure to hacking web applications will give developers a deeper understanding of the potential threats and issues that could find their way into the development lifecycle, and will ensure that penetration testers are well versed in the discovery and exploitation of web-related issues.
Key Points:
* Greater understanding of the risks associated with web applications
* A good understanding of the tools and techniques for examining web applications
* Practical skills to exploit a wide variety of web application vulnerabilities
We have been conducting penetration tests against web applications for nearly two decades and have pulled the most relevant and fun hacks we could find into this course.
Whether you’re a developer looking to better understand how to defend your applications or a penetration tester looking to enhance your web application bug hunting, this course is for you.
This course is highly practical, with a cornucopia of different practical exercises. You’ll learn how to hand-exploit numerous common web vulnerabilities and understand the theory behind them. You will be better able to help developers prevent these classes of attacks in their applications. We aim to teach you the trade, not just the tricks, and while tools are covered and help, you will be taught how to exploit many of these vulnerabilities by hand.
Details:
* 2-day course
* 60% practical and 40% theoretical
* Immersive practicals with a wide spread of coverage
* Delivered by active penetration testers
Topics covered:
* Web technology fundamentals
* Cookies and sessions abuse
* Web vulnerabilities and exploitation
* Enumeration
* File upload manipulations
* Injection based attacks
Our training facility is delivered via SensePost, the specialist pentesting arm of Orange Cyberdefense.
SensePost have trained thousands of students on the art of network and application exploitation for the past two decades. It’s safe to say we enjoy teaching others how to own networks and applications. Our courses are developed from the work we perform for clients, so that you get a better understanding of how to exploit real-world scenarios.
Come join us and hack hard!
Class outline:
The full course outline is for use by the Def Con Training review team and preferably not published on the website.
The content of the course has 16 main modules and multiple sub modules as follows:
Introduction to web technologies
* HTTP basics
* GET and POST requests
* Parameters
* Web servers and web applications
* URL, Base64 and HTML encoding
* Intercepting proxies
* Practical outcome: Understand how GET and POST requests work, and how they can be intercepted
Cookies and Session Management
* How cookies work
* How sessions work
* How to manipulate cookies with Firefox's Development Console
* Practical outcome: Understand how cookies work, and how they can be modified
Introduction to Web Vulnerabilities
* What is a vulnerability?
* Common web vulnerabilities and OWASP Top 10
Client and Server Side Attacks
* Server side controls
* Client side controls
* Bypassing server and client controls with Burp and Firefox's Development Console
* Practical outcome: Understand how to bypass client and server side controls
Broken authentication and authorization
* Identifying broken authorization and authentication controls.
* Exploiting client side redirection
* Practical outcome: Understand how to identify and bypass broken authentication and authorization controls.
Enumeration
* How to find useful information
* Directory listing and brute forcing URLs
* User enumeration and other error conditions
Session identifier disclosure
* The impact of session identifiers
* Practical outcome: Understand how to find and exploit disclosed session identifiers.
Insecure Direct Object References (IDOR)
* Accessing other users' objects via IDOR vulnerabilities
* How to automate IDOR and other brute-force attacks
* Practical outcome: Understand how to enumerate users, brute force accounts and exploit IDOR vulnerabilities.
Local File Inclusion (LFI) vulnerabilities
* How to find local file inclusion vulnerabilities.
* How to exploit local file inclusion vulnerabilities with uploaded files
* How to exploit local file inclusion vulnerabilities when files cannot be uploaded
* Practical outcome: Understand how local file inclusion vulnerabilities can be exploited with and without file upload functionality.
Insecure file upload vulnerabilities
* How web applications use extensions and why they matter
* Web shells and code execution
* Bypassing extension whitelists and blacklists
* Bypassing additional controls such as .htaccess files
* Practical outcome: Understand the basics of file upload exploitation, and how to bypass upload restrictions.
Injection
* The concept of injection
* Different types of injection
* Demonstrating injection
* How to find injection vulnerabilities by fuzzing
Cross-Site Scripting (XSS)
* Introduction to HTML injection and XSS
* Stored, Reflective and DOM XSS
* XSS attack payloads
* SOP and Cookie stealers
* Bypassing XSS restrictions
* Practical Outcome: Understand how reflective cross site scripting vulnerabilities can be identified and exploited, and how to bypass reflective cross site scripting vulnerability filters.
Cross Site Request Forgery (CSRF)
* Introduction to CSRF vulnerabilities
* Using XSS to exploit CSRF
* Practical outcome: Understand how to exploit stored cross site scripting and cross site request forgery vulnerabilities, and how they can be used together.
Command Injection
* Chaining commands for stacked command execution
* Testing and exploiting command injection
* Finding and exploiting blind injection
* How reverse shells work
* Practical Outcome: Understand how to find and exploit both blind and non-blind command injection vulnerabilities.
SQL Injection
* SQL at a glance
* SQL injection introduction
* How to find SQL injection
* How to exploit different SQLi over different databases (Postgres and MSSQL)
* How to use SQL injection to execute operating system commands
* Practical outcome: Learn basic SQL, how SQL injection vulnerabilities can be identified, used to extract information, and execute operating system commands.
Java Deserialization
* How Java serialization and deserialization work
* How to identify and exploit Java Deserialization vulnerabilities with ysoserial
* Practical outcome: Learn how Java Deserialization vulnerabilities can be identified and used to execute code.
Technical difficulty:
This is an intermediate class which requires students to have a solid working understanding of web technologies.
Suggested prerequisites for the class:
Hacking experience isn't a requirement for this course. However, a technical understanding of how web applications work is required. Development experience isn't a requirement but can help.
While not a strict requirement, students will benefit from having an understanding of the following topics before attending the course:
* Fundamentals of programming
* Programming in the following languages:
** HTML
** JavaScript
** SQL
** NoSQL
Familiarity with these topics can be obtained from the following links or other resources:
* https://www.tutorialspoint.com/computer_programming/computer_programming_functions
* https://www.w3schools.com/html/html_intro.asp
* https://www.w3schools.com/js/js_intro.asp
* https://www.w3schools.com/sql/default.asp
* https://www.guru99.com/mongodb-query-document-using-find.html
Items students will need to provide:
As the bare minimum, you will need to bring along a laptop that is able to run the latest version of Firefox.
DATE: August 14th-15th 2023
TIME: 8am to 5pm PDT
VENUE: Caesars Forum, Las Vegas, NV
TRAINER: TBA
- 16 hours of training with a certificate of completion.
- Note: Classes that do not meet their minimum class size by July 15 will be canceled; please register early
- 2 coffee breaks are provided per day
- Note: Food is not included
Registration terms and conditions:
Trainings are refundable before July 1st; the processing fee is $250.
Trainings are non-refundable after July 10th, 2023.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
DEF CON Communications, Inc.
1100 Bellevue way NE
8A-85
Bellevue, WA 98004