Join me the week of August 8th, 2016 (Monday through Saturday) to learn all about web app pen testing with SEC542 and also prepare for the GIAC GWAPT (Web Application Penetration Tester) certification exam.
This is a six day Community SANS event, complete with an attack/lab VM, books, all class materials and a full day of Capture the Flag (CTF) on day six to really solidify all of the concepts and tools.
One of my favorite things about this class is the quality and quantity of the hands-on labs; we cover everything from Burp Suite and Command Injection to XSRF and Zap! You keep the tools, you keep the custom VM, you keep the labs and you gain great experience... more details are below.
SECURITY 542: Web App Penetration Testing and Ethical Hacking: www.sans.org
We will be covering all of these topics and more:
- Interception Proxies
- ZAP (Zed Attack Proxy)
- Burp Suite
- SQL Injection
- Logic Attacks
- Reflected Cross-Site Scripting (XSS)
- Stored Cross-Site Scripting (XSS)
- Local File Inclusion (LFI)
- Command Injection
- Remote File Inclusion (RFI)
- Cross-Site Request Forgery (XSRF)
- Command scanning tools
- Manual scanning techniques
If your job description falls under one of these categories and you have an affinity towards information security or a desire to learn how attackers are able to compromise web applications, then this class is for you:
- General security practitioners
- Penetration testers
- Ethical hackers
- Web application developers
- Website designers and architects