Web Hacking Black Belt Edition

lt;pgt;This class teaches the audience a wealth of hacking techniques to compromise modern-day web applications, APIs and associated end-points. This class focuses on specific areas of appsec and on advanced vulnerability identification and exploitation techniques. The class allows attendees to learn and practice some neat, new and ridiculous hacks which affected real-life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known.lt;/pgt;lt;pgt;Attendees will also benefit from a state-of-art Hacklab during the course.lt;/pgt;lt;pgt;Some of the highlights of the class include:lt;/pgt;lt;ulgt;lt;ligt;Modern JWT, SAML, OAuth bugslt;/ligt;lt;ligt;Core business logic issueslt;/ligt;lt;ligt;Practical cryptographic flaws.lt;/ligt;lt;ligt;RCE via Serialization, Object, OGNL and template injection.lt;/ligt;lt;ligt;Exploitation over DNS channelslt;/ligt;lt;ligt;Advanced SSRF, HPP, XXE and SQLi topics.lt;/ligt;lt;ligt;Serverless exploitslt;/ligt;lt;ligt;Web Caching issueslt;/ligt;lt;ligt;Attack chaining and real life examples.lt;/ligt;lt;/ulgt;lt;h4gt;Target Audiencelt;/h4gt;lt;ulgt;lt;ligt;Web developerslt;/ligt;lt;ligt;Intermediate level penetration testerslt;/ligt;lt;ligt;DevOps engineers, network engineerslt;/ligt;lt;ligt;Security researchers / analystslt;/ligt;lt;ligt;Security architectslt;/ligt;lt;ligt;Security professionals amp;amp; enthusiastslt;/ligt;lt;ligt;Anyone who wants to take their skills to the next levellt;/ligt;lt;/ulgt;lt;pgt;Users are also encouraged to familiarize themselves with Burp Suite lt;ugt;lt;a href="https://portswigger.net/burp/communitydownload"gt;https://portswigger.net/burp/communitydownloadlt;/agt;lt;/ugt; to gain maximum out of the class.lt;/pgt;