Advanced web hacking training icon

Advanced web hacking training

Our 3 day advanced web hacking training class

This fast-paced web hacking training class gives attendees an insight into advanced web hacking. The team has built a state-of-the-art hacklab and recreated security vulnerabilities based on real-life penetration tests and real bug bounties seen in the wild.

The course is available directly from Claranet Cyber Security or you can book through one of our partners. The course is now available as live, online training and can be delivered for you individually or for your company. Contact us below with your requirements

The AWH course has been excellent with 100% positive feedback. We've appreciated ourselves how much work must have gone into the labs, they are very strong and reflect the real world, so we've been thrilled. The trainers are great, very knowledgable and engaging.

Delegate, Black Hat USA 2016

Really liked the training. Advanced stuff covered a lot of not so easy to find scenarios. Hats off on the efforts in building the practice labs

Delegate, Black Hat USA 2016

Is this course right for you?:

If you wonder:

  • Are there a ways to effectively exfiltrate data using Out of Band Techniques for certain Vulnerabilities?
  • Are there ways to Pen Test encrypted parameters to find vulnerabilities?
  • Are there ways to bypass SSO functionalities?
  • Are there ways to find SQL injection vulnerabilities not detected by Automated tools?
  • Are there ways to break weak crypto implementations?
  • Would there be an effective way to bypass password reset functionalities?
  • What are the different things i can do with SSRF vulnerabilities?
  • How can deserialization vulnerabilities be exploited?

Then you have come to the right place. Advanced Web hacking teaches you all of these.

Delegates receive:

  • Delegates can access our online lab which is purposely riddled with multiple vulnerabilities
  • Delegates will receive demonstrations and hands-on practice of the vulnerabilities to better understand and grasp the issues
  • Numerous scripts and tools for advanced attacks
  • A PDF copy of all course materials used during the course including instructor slide deck, tool cheat sheets and walkthrough guides
  • Access to NotSoSecure’s Advanced Web Hacking lab for 30 days after course completion
  • Overview
  • Details
  • Pre-requisites & Audience
  • Brochure Download

Advanced Web Hacking course talks about a wealth of hacking techniques to compromise web applications, APIs and associated end-points. This course focuses on specific areas of app-sec and on advanced vulnerability identification and exploitation techniques (especially server side flaws). This hands-on course covers neat, new and ridiculous hacks which affected real life products and have found a mention in real bug-bounty programs. In this course vulnerabilities selected are ones that typically go undetected by modern scanners or the exploitation techniques are not so well known.

Learning Objectives:

  • Modern JWT, SAML, oauth bugs
  • Business logic and crypto flaws
  • RCE via Java Serialisation, Object, OGNL and template injection
  • Exploitation over DNS channels
  • Advanced SSRF, HPP, XXE and SQLi topics
  • Attack chaining and real life examples

This course is an action-packed web hacking course exploiting modern web application vulnerabilities such as SSRF, Template Injection, 2nd Order SQLi, Deserialization, Crypto flaws and more. Attacking authentication schemes such as JWT, SAML, OAuth. Learning esoteric Out-of-Band techniques and attack chaining.

Authentication Bypass

Token Hijacking attacks Logical Bypass / Boundary Conditions

SAML / OAUTH 2.0 / AUTH-0 / JWT attacks

JWT Token Brute-Force attacks SAML Authentication and Authorization Bypass XXE through SAML Advanced XXE Exploitation over OOB channels

Password reset attacks

Cookie Swap Host Header Validation Bypass Case study of popular password reset fails.

Breaking Crypto

Known Plaintext Attack (Faulty Password Reset) Path Traversal using Padding Oracle Hash length extension attacks

SQL Injection

2nd order injection Out-of-Band exploitation SQLi through crypto OS code exec via powershell Advanced topics in SQli.

Remote Code Execution (RCE)

Java Serialisation Attack Node.js RCE PHP object injection Ruby/ERB template injection Exploiting code injection over OOB channel

Business logic flaws / Authorization flaws

Mass Assignment Invite/Promo Code Bypass Replay Attack API Authorisation Bypass

Server Side Request Forgery (SSRF)

SSL / TLS Bugs Deserialisation Bugs

Unrestricted upload

Malicious File Extensions Circumventing File validation checks

Miscellaneous topics

HTTP Parameter Pollution (HPP) XXE in file parsing A Collection of weird and wonderful XSS and CSRF attacks.

Attack chaining

Combining Client-side and or Server-side attacks to steal internal secrets

Who should attend

Web Developers, SOC Analysts who wonder types ofattacks Pen Testers use to find flaws in the applications. Entry/Intermediate level Pen Testers who want to know; what’s next? What are the advanced level attacks through which they can exploit vulnerabilities?; Network Engineers, Security Architects, enthusiasts who want to stay updated with the latests trends in Web application Hacks; Any technical person having a basic knowledge of how web applications work

Requirements

The requirement for this course is that you bring your own laptop with at least 4 GB RAM and 20 GB of free disk space and have admin/root access, along with the capability to run Kali Linux Image from Virtual Box. Familiarity with Burp Suite will be beneficial for this course.

Download

Download brochure

Other courses to further your knowledge

Lab-based training - written by Black Hat trainers.

These classes are ideal for those preparing for CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform penetration testing on infrastructure or web applications as a day job and wish to add to their existing skill set.

Enquire about your training

We provide training directly (live, online or in person) and also work with a range of training partners in different locations around the globe for classroom or live, online training. Please contact us with details of your requirement and we will recommend the best route to access our amazing training.

The course can also be booked directly through our accredited training partners.

Our accreditations

Crest
Check
Cyber essentials
ISO 27001
CEH Accreditation
CCISO Accreditation
CISSP Accreditation
CRISC Accreditation
OSCE Accreditation
OSCP Accreditation