Tuesday, January 2, 2018

SANS SEC542 March 2018 - Portland

Portland Oregon! SANS SEC542 - Web Application Penetration Testing and Ethical Hacking is coming soon...

Class begins on March 5, 2018 when we will learn all about web app pen testing while preparing for the GIAC GWAPT (Web Application Penetration Tester) certification.



This is a six day Community SANS event, complete with an attack/lab virtual machine, books, all class materials and a full day of Capture the Flag (CTF) on day six to drive home all of the concepts and tools.

This is certainly one of my favorite classes and I think one of the best parts about this class is the quality and quantity of the hands-on labs; we cover everything from Burp Suite and Command Injection to XSRF and Zap! You keep the tools, you keep the custom VM, you keep the labs and you gain great experience... more details are below.

SECURITY 542: Web App Penetration Testing and Ethical Hacking: www.sans.org

We will be covering all of these topics and more:
  • Interception Proxies
    • ZAP (Zed Attack Proxy)
    • Burp Suite
  • SQL Injection
  • Logic Attacks
  • Metasploit
  • Reflected Cross-Site Scripting (XSS)
  • Stored Cross-Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Command Injection
  • Remote File Inclusion (RFI)
  • Cross-Site Request Forgery (XSRF)
  • Automated web app vulnerability scanning tools
  • Manual scanning techniques
If your job description falls under one of these categories and you have an affinity towards information security or a desire to learn how attackers are able to compromise web applications, then this class is for you:

  • General security practitioners
  • Penetration testers
  • Ethical hackers
  • Web application developers
  • Website designers and architects



Saturday, October 14, 2017

SANS SEC542 November 2017 - Tampa, FL

Tampa Florida! SANS SEC542 - Web Application Penetration Testing and Ethical Hacking is coming soon...

Class begins on November 13, 2017 (Monday through Saturday) when we will learn all about web app pen testing while preparing for the GIAC GWAPT (Web Application Penetration Tester) certification.



This is a six day Community SANS event, complete with an attack/lab virtual machine, books, all class materials and a full day of Capture the Flag (CTF) on day six to drive home all of the concepts and tools.

This is certainly one of my favorite classes and I think one of the best parts about this class is the quality and quantity of the hands-on labs; we cover everything from Burp Suite and Command Injection to XSRF and Zap! You keep the tools, you keep the custom VM, you keep the labs and you gain great experience... more details are below.

SECURITY 542: Web App Penetration Testing and Ethical Hacking: www.sans.org

We will be covering all of these topics and more:
  • Interception Proxies
    • ZAP (Zed Attack Proxy)
    • Burp Suite
  • SQL Injection
  • Logic Attacks
  • Metasploit
  • Reflected Cross-Site Scripting (XSS)
  • Stored Cross-Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Command Injection
  • Remote File Inclusion (RFI)
  • Cross-Site Request Forgery (XSRF)
  • Automated web app vulnerability scanning tools
  • Manual scanning techniques
If your job description falls under one of these categories and you have an affinity towards information security or a desire to learn how attackers are able to compromise web applications, then this class is for you:

  • General security practitioners
  • Penetration testers
  • Ethical hackers
  • Web application developers
  • Website designers and architects



Monday, July 31, 2017

Friday, June 30, 2017

Holiday Puzzler

I came across this at secureset.com (can't find the link anymore though):




Try and figure out what is it and when you do - share!

Sunday, May 21, 2017

SANS SEC542 August 2017 - Detroit, MI

Detroit Michigan! SANS SEC542 - Web Application Penetration Testing and Ethical Hacking is coming soon...

Class begins on August 7, 2017 (Monday through Saturday) when we will learn all about web app pen testing while preparing for the GIAC GWAPT (Web Application Penetration Tester) certification.



This is a six day Community SANS event, complete with an attack/lab virtual machine, books, all class materials and a full day of Capture the Flag (CTF) on day six to drive home all of the concepts and tools.

This is certainly one of my favorite classes and I think one of the best parts about this class is the quality and quantity of the hands-on labs; we cover everything from Burp Suite and Command Injection to XSRF and Zap! You keep the tools, you keep the custom VM, you keep the labs and you gain great experience... more details are below.

SECURITY 542: Web App Penetration Testing and Ethical Hacking: www.sans.org

We will be covering all of these topics and more:
  • Interception Proxies
    • ZAP (Zed Attack Proxy)
    • Burp Suite
  • SQL Injection
  • Logic Attacks
  • Metasploit
  • Reflected Cross-Site Scripting (XSS)
  • Stored Cross-Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Command Injection
  • Remote File Inclusion (RFI)
  • Cross-Site Request Forgery (XSRF)
  • Automated web app vulnerability scanning tools
  • Manual scanning techniques
If your job description falls under one of these categories and you have an affinity towards information security or a desire to learn how attackers are able to compromise web applications, then this class is for you:

  • General security practitioners
  • Penetration testers
  • Ethical hackers
  • Web application developers
  • Website designers and architects



Sunday, March 26, 2017

SANS SEC542 May 2017 - Chicago, IL

Chicago! SANS SEC542 - Web Application Penetration Testing and Ethical Hacking is coming soon...

Class begins on May 15, 2017 (Monday through Saturday) when we will learn all about web app pen testing while preparing for the GIAC GWAPT (Web Application Penetration Tester) certification.



This is a six day Community SANS event, complete with an attack/lab virtual machine, books, all class materials and a full day of Capture the Flag (CTF) on day six to drive home all of the concepts and tools.

This is certainly one of my favorite classes and I think one of the best parts about this class is the quality and quantity of the hands-on labs; we cover everything from Burp Suite and Command Injection to XSRF and Zap! You keep the tools, you keep the custom VM, you keep the labs and you gain great experience... more details are below.

SECURITY 542: Web App Penetration Testing and Ethical Hacking: www.sans.org

We will be covering all of these topics and more:
  • Interception Proxies
    • ZAP (Zed Attack Proxy)
    • Burp Suite
  • SQL Injection
  • Logic Attacks
  • Metasploit
  • Reflected Cross-Site Scripting (XSS)
  • Stored Cross-Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Command Injection
  • Remote File Inclusion (RFI)
  • Cross-Site Request Forgery (XSRF)
  • Automated web app vulnerability scanning tools
  • Manual scanning techniques
If your job description falls under one of these categories and you have an affinity towards information security or a desire to learn how attackers are able to compromise web applications, then this class is for you:

  • General security practitioners
  • Penetration testers
  • Ethical hackers
  • Web application developers
  • Website designers and architects



Saturday, February 25, 2017

SANS SEC542 April 2017 - Chicago, IL

Chicago! SANS SEC542 - Web Application Penetration Testing and Ethical Hacking is coming soon...

Class begins on April 3rd, 2017 (Monday through Saturday) when we will learn all about web app pen testing while preparing for the GIAC GWAPT (Web Application Penetration Tester) certification.



This is a six day Community SANS event, complete with an attack/lab virtual machine, books, all class materials and a full day of Capture the Flag (CTF) on day six to drive home all of the concepts and tools.

This is certainly one of my favorite classes and I think one of the best parts about this class is the quality and quantity of the hands-on labs; we cover everything from Burp Suite and Command Injection to XSRF and Zap! You keep the tools, you keep the custom VM, you keep the labs and you gain great experience... more details are below.

SECURITY 542: Web App Penetration Testing and Ethical Hacking: www.sans.org

We will be covering all of these topics and more:
  • Interception Proxies
    • ZAP (Zed Attack Proxy)
    • Burp Suite
  • SQL Injection
  • Logic Attacks
  • Metasploit
  • Reflected Cross-Site Scripting (XSS)
  • Stored Cross-Site Scripting (XSS)
  • Local File Inclusion (LFI)
  • Command Injection
  • Remote File Inclusion (RFI)
  • Cross-Site Request Forgery (XSRF)
  • Automated web app vulnerability scanning tools
  • Manual scanning techniques
If your job description falls under one of these categories and you have an affinity towards information security or a desire to learn how attackers are able to compromise web applications, then this class is for you:

  • General security practitioners
  • Penetration testers
  • Ethical hackers
  • Web application developers
  • Website designers and architects