Tweet
URL=https://training.defcon.org/products...g-not-required
Originally posted by URL
Name of Training:
Hacking Organizations: Phishing Not Required
Description:
Teach students how to identify vulnerabilities in web applications and digital assets from an external perspective.
Training description:
“Hacking Organizations: Phishing Not Required” is a comprehensive course designed to teach students how to identify vulnerabilities in web applications and digital assets from an external perspective. The first two days of the course is cover the ten most common vulnerabilities found in web applications as well as principles of reconnaissance. On the third day, students will apply these skills to develop a technique for identifying impactful vulnerabilities that potentially allow access to an organization's internal infrastructure. This training is appropriate for anyone interested in web application penetration testing, bug bounties, or joining a red team with a web and reconnaissance focus.
Past content:
https://hackfest.ca/en/trainings/web/
https://appsecus2018.sched.com/event...step-at-a-time
Trainer(s) bio:
Ben Sadeghipour, also known as NahamSec, is a hacker, content creator, trainer, public speaker, and conference organizer. He has extensive experience in ethical hacking and bug bounty hunting, having identified and exploited thousands of security vulnerabilities for companies such as Apple, Yahoo, Google, Airbnb, Snapchat, the US Department of Defense, and Yelp. Sadeghipour was formerly the head of Hacker Education at HackerOne. In addition to his professional pursuits, Sadeghipour also creates content on YouTube and Twitch to help others get into ethical hacking, bug bounty, web hacking and reconnaissance.
Trainer(s) social media links:
https://twitter.com/NahamSec
https://youtube.com/NahamSec
Outline:
Day 1:
Burp Suite Basics
HTTP Basic Refresher
Request Types
Headers
Respond Codes
Status Codes
Open Redirects + Labs
Whitelisting
Blacklisting
Basics of open redirects
Cross-Site Scripting (XSS) + Lab Reflected Cross-Site Scripting Stored Cross-Site Scripting Dom Cross-Site Scripting
Blind XSS Break
Cross Site Request forgery (CSRF) + Lab No CSRF token Reusable CSRF token
Insecure Direct Object References (IDOR) + Lab Incrementing IDs Weak encryption (B64) UUID from other vulnerabilities
Local file Read & Path Traversal + Lab
Path Traversal Basics
Local File read
Path traversal bypasses
Advanced Path Traversal and local file read
Server-Side Request Forgery (SSRF) + Lab
Understanding SSRF + Protocols
Local File Read
Blind SSRF and Port Scan
Accessing Local Network via SSRf
White Listing and Black Listing
Exploiting PDF Generators and Similar
Day 2:
Privilege Escalation + Lab
Understanding user roles
Priv Esc through IDOR
Priv Esc via password brute force
Elevating user access roles
Arbitrary file upload + Lab
Unvalidated upload (php, asp, etc)
Path Traversal in uploaders
XML external entity (XXE) + Lab
Basics of XXE XXE in excel, docx, etc
XXE in PDF Generators
Remote Command / Code Execution
Understanding RCE
RCE via file uploads
Remote Command Injection in URL parsing
Weak or default credentials
Weak or default credential Basics
Wordlists
Looking through previous password dumps
Default Credentials
Password Guessing
Components with Known Vulnerabilities
SSRF
RCE via known vulnerabilities
Image Magick
Tomcat
Struts2
Shellshock
log4j
Reconnaissance - Asset Discovery + Hands on demo
DNS Basics
ASN Ranges (Cloud vs in house)
Subdomain Brute Forcing
Certificate Transparency
3rd Party tools (Shodan, Censys, etc)
Permutation and Environments
Automation Demo
Reconnaissance - Content Discovery + Lab
Creating and maintaining word list
Contextualizing directory/file brute forcing
Port scanning
Information gathering using https
Approaching APIs
Leveraging search engines for reconnaissance
Google Dorking
Leaked credentials
Finding additional information about your target
Methodology
Understanding company infrastructure
Identifying and prioritizing interesting assets
Combining asset discovery and content discovery
Looking for leads (documentation, API specs, etc)
Looking for patterns of mistake across an infrastructure
DNS Misconfigurations (subdomain or DNS takeover)
Understanding SSO
SSO Bypass or priv escalation
Final Lab + Test
Technical difficulty:
Beginner to intermediate
Suggested Prerequisites:
While this training will offer and cover the foundations of web application hacking, it is highly suggested that students have a solid foundation in web application hacking and in web development.
HTTP Basics:
https://developer.mozilla.org/en-US/docs/Web/HTTP
How to set up burp suite:
https://portswigger.net/burp/documen...ad-and-install
Understanding DNS:
https://www.cloudflare.com/learning/dns/what-is-dns
What students should bring:
Students should bring in a laptop (Mac OS, Windows, or a Linux distribution of your choice) with a working browser. Please make sure you have installed Burp Suite and are able to intercept your browsers traffic.
DATE: August 14th-15th 2023
TIME: 8am to 5pm PDT
VENUE: Caesars Forum, Las Vegas, NV
TRAINER: Ben Sadeghipour
- 16 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included
Registration terms and conditions:
Trainings are refundable before July 1st, the processing fee is $250.
Trainings are non-refundable after July 10th, 2023.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.
Hacking Organizations: Phishing Not Required
Description:
Teach students how to identify vulnerabilities in web applications and digital assets from an external perspective.
Training description:
“Hacking Organizations: Phishing Not Required” is a comprehensive course designed to teach students how to identify vulnerabilities in web applications and digital assets from an external perspective. The first two days of the course is cover the ten most common vulnerabilities found in web applications as well as principles of reconnaissance. On the third day, students will apply these skills to develop a technique for identifying impactful vulnerabilities that potentially allow access to an organization's internal infrastructure. This training is appropriate for anyone interested in web application penetration testing, bug bounties, or joining a red team with a web and reconnaissance focus.
Past content:
https://hackfest.ca/en/trainings/web/
https://appsecus2018.sched.com/event...step-at-a-time
Trainer(s) bio:
Ben Sadeghipour, also known as NahamSec, is a hacker, content creator, trainer, public speaker, and conference organizer. He has extensive experience in ethical hacking and bug bounty hunting, having identified and exploited thousands of security vulnerabilities for companies such as Apple, Yahoo, Google, Airbnb, Snapchat, the US Department of Defense, and Yelp. Sadeghipour was formerly the head of Hacker Education at HackerOne. In addition to his professional pursuits, Sadeghipour also creates content on YouTube and Twitch to help others get into ethical hacking, bug bounty, web hacking and reconnaissance.
Trainer(s) social media links:
https://twitter.com/NahamSec
https://youtube.com/NahamSec
Outline:
Day 1:
Burp Suite Basics
HTTP Basic Refresher
Request Types
Headers
Respond Codes
Status Codes
Open Redirects + Labs
Whitelisting
Blacklisting
Basics of open redirects
Cross-Site Scripting (XSS) + Lab Reflected Cross-Site Scripting Stored Cross-Site Scripting Dom Cross-Site Scripting
Blind XSS Break
Cross Site Request forgery (CSRF) + Lab No CSRF token Reusable CSRF token
Insecure Direct Object References (IDOR) + Lab Incrementing IDs Weak encryption (B64) UUID from other vulnerabilities
Local file Read & Path Traversal + Lab
Path Traversal Basics
Local File read
Path traversal bypasses
Advanced Path Traversal and local file read
Server-Side Request Forgery (SSRF) + Lab
Understanding SSRF + Protocols
Local File Read
Blind SSRF and Port Scan
Accessing Local Network via SSRf
White Listing and Black Listing
Exploiting PDF Generators and Similar
Day 2:
Privilege Escalation + Lab
Understanding user roles
Priv Esc through IDOR
Priv Esc via password brute force
Elevating user access roles
Arbitrary file upload + Lab
Unvalidated upload (php, asp, etc)
Path Traversal in uploaders
XML external entity (XXE) + Lab
Basics of XXE XXE in excel, docx, etc
XXE in PDF Generators
Remote Command / Code Execution
Understanding RCE
RCE via file uploads
Remote Command Injection in URL parsing
Weak or default credentials
Weak or default credential Basics
Wordlists
Looking through previous password dumps
Default Credentials
Password Guessing
Components with Known Vulnerabilities
SSRF
RCE via known vulnerabilities
Image Magick
Tomcat
Struts2
Shellshock
log4j
Reconnaissance - Asset Discovery + Hands on demo
DNS Basics
ASN Ranges (Cloud vs in house)
Subdomain Brute Forcing
Certificate Transparency
3rd Party tools (Shodan, Censys, etc)
Permutation and Environments
Automation Demo
Reconnaissance - Content Discovery + Lab
Creating and maintaining word list
Contextualizing directory/file brute forcing
Port scanning
Information gathering using https
Approaching APIs
Leveraging search engines for reconnaissance
Google Dorking
Leaked credentials
Finding additional information about your target
Methodology
Understanding company infrastructure
Identifying and prioritizing interesting assets
Combining asset discovery and content discovery
Looking for leads (documentation, API specs, etc)
Looking for patterns of mistake across an infrastructure
DNS Misconfigurations (subdomain or DNS takeover)
Understanding SSO
SSO Bypass or priv escalation
Final Lab + Test
Technical difficulty:
Beginner to intermediate
Suggested Prerequisites:
While this training will offer and cover the foundations of web application hacking, it is highly suggested that students have a solid foundation in web application hacking and in web development.
HTTP Basics:
https://developer.mozilla.org/en-US/docs/Web/HTTP
How to set up burp suite:
https://portswigger.net/burp/documen...ad-and-install
Understanding DNS:
https://www.cloudflare.com/learning/dns/what-is-dns
What students should bring:
Students should bring in a laptop (Mac OS, Windows, or a Linux distribution of your choice) with a working browser. Please make sure you have installed Burp Suite and are able to intercept your browsers traffic.
DATE: August 14th-15th 2023
TIME: 8am to 5pm PDT
VENUE: Caesars Forum, Las Vegas, NV
TRAINER: Ben Sadeghipour
- 16 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included
Registration terms and conditions:
Trainings are refundable before July 1st, the processing fee is $250.
Trainings are non-refundable after July 10th, 2023.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.