Filtering by: Hacking
Basic Web Hacking - 2019 Edition
Oct
7
to Oct 8

Basic Web Hacking - 2019 Edition

Presenter: Notsosecure

Track: Pentesting, Application Security

Format: 2 Day Training

This training gives you the most important thing when it comes to basic web hacking, The course familiarizes the attendees with a wealth of hacking tools and techniques needed to breach the security of web applications.

The course starts from the very basic and gradually builds up to the level where attendees can not only use the tools and techniques to hack various components involved in web application hacking, but also walk away with a solid understanding of the concepts on which these tools work.

View Event →
Basic Infrastructure Hacking - 2019 Edition
Oct
7
to Oct 8

Basic Infrastructure Hacking - 2019 Edition

Presenter: Notsosecure

Tracks: Pentesting, Network

Format: 2 Day Training

This is an entry level course and is a recommended pre-requisite for our Advanced Infrastructure Hacking course. This class familiarizes the attendees with the basics of network hacking. A number of tools and techniques will be taught during the 2 days class. Attendees will be granted FREE 30 days' lab access to allow sufficient time to practice all the concepts taught during the class.

If you want to step into the world of ethical hacking/pentesting, then this is the right course for you. Attendees are encouraged to combine this class in succession with our Basic Web Hacking course, in a 4 day format for a wider coverage of issues spanning both network and applications.

View Event →
Hacking and Securing Cloud Infrastructure
Oct
8
to Oct 9

Hacking and Securing Cloud Infrastructure

Presenter: Notsosecure

Tracks:  Pentesting, Network

Format: 2 Day Training

Brand new for 2019, this 2-day course cuts through the mystery of Cloud Services (including AWS, Azure and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing a traditional network infrastructure.

View Event →
Advanced Infrastructure Hacking - 2019 Edition
Oct
8
to Oct 9

Advanced Infrastructure Hacking - 2019 Edition

Presenter: notsosecure

Tracks:  Pentesting,  Network

Format: 3 Day Training

The 2019 edition brings more new, neat and ridiculous network hacks. From old-school misconfiguration issues to the very latest cutting-edge techniques and exploits against the modern network platforms, we have got it all covered. The course will cover advanced penetration techniques to achieve exploitation against these platforms:

·         Modern Operating systems (Windows, Linux)

·         Multiple Databases, Web and Application servers

·         Switches/Routers

·         Docker

·         VLANs

·         VoIP

·         Kubernetes

·         AWS/Azure/GCP specific attacks

·         VPNs

Students will have access to a state-of-the-art Hacklab with wide variety of vulnerabilities to practice exploitation and will receive a FREE 30 day subscription after the class to allow more practice time.

View Event →
Advanced Web Hacking - Black Belt Edition
Oct
8
to Oct 9

Advanced Web Hacking - Black Belt Edition

Presenter: Notsosecure

Track: Pentesting, Application Security

Format: 2 Day Training

This class teaches the audience a wealth of hacking techniques to compromise modern day web applications, APIs and associated end-points. This class focuses on specific areas of appsec and on advanced vulnerability identification and exploitation techniques. The class allows attendees to learn and practice some neat, new and ridiculous hacks which affected real life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known.

 

Attendees will also benefit from a state-of-art Hacklab and we will be providing FREE 30 days lab access after the class to allow attendees more practice time. Some of the highlight of the class includes:

  • Modern JWT, SAML, oauth bugs

  • Core business logic issues

  • Practical cryptographic flaws.

  • RCE via Serialisation, Object, OGNL and template injection.

  • Exploitation over DNS channels

  • Advanced SSRF, HPP, XXE and SQLi topics.

  • Serverless exploits

  • Web Caching issues

  • Attack chaining and real life examples.

View Event →