Web Applications are one of the most targeted and vulnerable aspects of any modern enterprise. As network infrastructure design and implementations become hardened, the weakest link remains the application layer. This course will provide a full overview of the types of attacks that are possible against web applications, as well as instruction as to how they are performed, and how they are mitigated. Students will explore the full lifecyle of a targeted web application attack, from reconnaissance to exploitation in a comprehensive lab environment. There will be comprehensive overviews of the latest exploitation tools and methodologies, and by the end of the course the student will have carried out numerous web application exploitation including but not limited to SQL injection, Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Web Service abuse cases, and abuse functionalities.
Minimum Student Requirements:
- Laptop that can support a VM (The course will teach using both Windows and Linux tools)
- USB stick (4gb +)
About the Trainer:
James Ball is the Chief Information Security Officer of HackMiami.
Mr. Ball oversees the security of HackMiami’s networks and infrastructure.Mr. Ball has over ten years of experience in the field of information security with a specialization in web application penetration testing. He also specializes in the art of Information Retreival and Disaster Recovery.