Back To Schedule
Monday, July 2 • 8:00am - Wednesday, July 4 • 5:00pm
3-Day Training: Advanced Web Hacking LIMITED

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Limited Capacity seats available

This class focus on specific areas of app-sec and on advanced vulnerability identification and exploitation techniques (especially server side flaws). The class allows attendees to practice some neat, new and ridiculous hacks which affected real life products and have found a mention in real bug-bounty programs.
The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known. This class talks about a wealth of hacking techniques to compromise web applications, APIs and associated end-points.
The following is the course outline:
  • Authentication Bypass
    • Token Hijacking attacks
    • Logical Bypass / Boundary Conditions
  • SAML / OAuth 2.0 / Auth-0 / JWT Attacks
    • JWT Token Brute-Force attacks
    • SAML Authentication and Authorization Bypass
    • XXE through SAML
    • Advanced XXE Exploitation over OOB channels
  • Password Reset Attacks
    • Cookie Swap
    • Host Header Validation Bypass
    • Case study of popular password reset fails.
  • Breaking Crypto
    • Known Plaintext Attack (Faulty Password Reset)
    • Path Traversal using Padding Oracle
    • Hash length extension attacks
  • Business Logic Flaws / Authorization flaws
    • Mass Assignment
    • Invite/Promo Code Bypass
    • Replay Attack
    • API Authorization Bypass
  • SQL Injection
    • 2nd order injection
    • Out-of-Band exploitation
    • SQLi through crypto
    • OS code exec via powershell.
    • Advanced topics in SQli
  • Remote Code Execution (RCE)
    • Java Serialisation Attack
    • Node.js RCE
    • PHP object injection
    • Ruby/ERB template injection
    • Exploiting code injection over OOB channel
  • Server Side Request Forgery (SSRF)
    • SSRF to call internal files
    • SSRF to query internal network
  • Unrestricted File Upload
    • Malicious File Extensions
    • Circumventing File validation checks
  • Miscellaneous Topics
    • HTTP Parameter Pollution (HPP)
    • XXE in file parsing
    • A Collection of weird and wonderful XSS and CSRF attacks.
  • Attack Chaining
    • Combining Client-side and or Server-side attacks to steal internal secrets
Delegates will be given access to hands on LABs for a majority of the above topics. Attendees will also benefit from a state-of-art Hacklab and we will be providing free 2 Weeks of lab access after the class to allow attendees more practice time.

avatar for Sudhanshu Chauhan

Sudhanshu Chauhan

Associate Director, NotSoSecure Global Services
Sudhanshu Chauhan is an information security professional working as an Associate Director at NotSoSecure. He is one of the core contributors to Datasploit (Open Source OSINT Framework). Sudhanshu has written various articles on a wide range of topics including Cyber Threats, Vulnerability... Read More →
avatar for Sumit Siddharth

Sumit Siddharth

Founder, NotSoSecure
Sumit Siddharth (Sid) is the founder of NotSoSecure (www.notsosecure.com), a specialist IT security firm delivering high-end IT security consultancy and Training. Prior to NotSoSecure, he worked as Head of Penetration Testing for a leading IT security company in the UK. He has more than 9 years of experience in Penetration Testing. Sid has authored a... Read More →
avatar for Sunil Yadav

Sunil Yadav

Associate Director, NotSoSecure Global Services
Sunil works as Head of Research for NotSoSecure, a Claranet group company. He has 10 years of experience in application security. He has also been a trainer for the Web Hacking - Black Belt Edition and Basic Web Hacking courses at Black Hat and other leading conferences. He has provided... Read More →

Monday July 2, 2018 8:00am - Wednesday July 4, 2018 5:00pm BST
Olivier- 2nd Floor QEII Centre Broad Sanctuary, Westminster, London. SW1P 3EE