Hacking Modern Web Apps: Master the Future of Attack Vectors

Online-Workshop am 1. Oktober 2021, 9 bis 16:30 Uhr

This course is a 100% hands-on deep dive into the OWASP Security Testing Guide and relevant items of the OWASP Application Security Verification Standard (ASVS), so this course covers and goes beyond the OWASP Top Ten.

Long are the days since web servers were run by Perl scripts and Delphi. What is common between Walmart, eBay, PayPal, Microsoft, LinkedIn, Google and Netflix? They all use Node.js: JavaScript on the server.

Modern Web apps share traditional attack vectors and also introduce new opportunities to threat actors. This course will teach you how to review modern web apps, showcasing Node.js but using techniques that will also work against any other web app platform.

Vorkenntnisse

This course has no prerequisites as it is designed to accommodate students with different skills:

• Advanced students will enjoy comprehensive labs, extra miles and CTF challenges
  
• Less experienced students complete what they can during the class, and can continue at their own pace from home using the training portal.

This said, the more you learn about the following ahead of the course, the more you will get out of the course:

• Linux command line basics
  
• Basic knowledge of Node.js or JavaScript is not required, but would help

Lernziele

• The general level of proficiency is much higher than when they came
  
• The skills acquired can be immediately applied to modern Web app security assessments
  
• Skills can be sharpened via continued education in our training portal for free
  
• The student is equipped to defeat common Web app assessment challenges
  
• Everybody will learn a lot in this training.
  
• Advanced students will come out with enhanced skills and more efficient workflows
  
• The skills gained are highly practical and applicable to real-world assessments