WebHacking

Immunity's WebHacking course focuses on understanding common web hacking techniques by having students exploit vulnerable systems. Security professionals with some hands on web hacking experience will get the most out of this course. Immunity's trainers have developed a Prerequisite Evaluation for all potential students to take prior to signing up for the WebHacking class. This evaluation will help ensure that this class is right for you.

For additional information, pricing quotes, or a copy of the Prerequisite Evaluation, please send an email to training@immunityinc.com.

WebHacking Syllabus*

Day 1:

1) Introductions
2) HTTP Protocol Refresher
3) Linux CLI Refresher
4) Information Gathering
5) Versioning / Information Disclosures
6) Python Refresher
7) SQLi

Day 2:

1) XSS / XSRF
2) RFI / LFI
3) CMDi or script audit
4) Privilege Escalation using CANVAS

Day 3:

1) Intro to Web Crypto Security
2) Electronic Codebook (ECB)
3) Cipher-block Chaining (CBC)
4) Student Choice: Padding Oracle or War Games
5) Q&A Session

* class syllabus is subject to change