Overview

HBN W^3 is an intermediate web application hacking course for students with some experience in security assessment and penetration testing. The course provides a refresher of HTTP and associated technologies before commencing with more advanced level attacks ranging from assessment techniques of traditional web applications, to newer technologies such as AJAX, rich client media and HTML 5.

As with all courses in the HBN series, the W^3 course is a hands-on, highly practical course which intends to enable students to better understand the trade and not the trick. The course is full of brand new content, new labs and cutting-edge emulations.

Topics include:

• Hacking traditional web applications
• Understanding Web2.0 concepts and technologies
• XS* - JavaScript attacks
• Hacking web services
• Hacking compiled applications
• HTML5

Context

This course is an intermediate-level course and is the only one in the
 HBN series that focuses specifically on web-based technologies. Although prior participation in an HBN course is not a prerequisite, previous exposure to hacker thinking, tools and techniques and a basic understanding of web hacking concepts and techniques is assumed.

Prerequisites

This course is designed for students who have some experience in performing security assessments and penetration tests. Students should have had previous exposure to hacker thinking, tools and techniques. Students without the requisite technical skills are encouraged to consider HBN Extended Edition.

Who Should Attend

Information security officers, system and network administrators, security consultants, government agents will all benefit from the valuable insights provided by this class.

What to Bring

Just yourself. Lunch, teas and coffees are provided along with all necessary equipment including pre-configured laptops, tools and utilities.

To Take Home

Students will be provided with CDs containing course material after the course. You will also earn 24 CPE credits.

Course Trainers

SensePost only uses experienced, world-class penetration and security assessment consultants with extensive training experience to deliver the course. HBN W^3 Edition will be presented by one of the following course leaders:

Ian de Villiers is a Principal Security Consultant at SensePost. Coming from a development background, his areas of expertise are in application and web application assessment. Ian has spent a considerable amount of time researching application frameworks, and has published a number of advisories relating to portal platforms. He has also provided training at numerous prestigious events such as the BlackHat Briefings in the USA and spoken at security conferences all over the world.

Daniel Cuthbert is the Assessment Manager for SensePost and has over a decade of experience in penetration testing and security assessments. Daniel is a member of OWASP and the author of the OWASP Testing Guide (first released in 2003), which showed the correct way to assess web applications. He has developed and presented training courses and presentations around the world.

Testimonials

“This class provided a great overview of the thinking and methodology involved in hacking.”

“This training course was one of the best I have ever attended! The SensePost courses are of a high standard and merit the highest recommendation.”

“Great training and great information. Entertaining and well taught via experience.”

“Nice work! This course wasn’t just about tools; it was also theory and that helps. I recommend this training to other engineers.”

"The course was excellent. I truly learned a lot and was impressed by the amount of tools SensePost has developed.”

Pricing, Location and Dates

• £1,350 +VAT
• 3 day course
• London training venue
• 14-16 March 2012
• CPE credits 24