About This Training
This course is the culmination of years of experience gained via practical penetration testing of Modern Web applications as well as countless hours spent doing research. We have structured this course around the OWASP Security Testing Guide, it covers the OWASP Top Ten and specific attack vectors against Modern Web apps. This course provides participants with actionable skills that can be applied immediately from day 1.
Please note our courses are 100% hands-on, we do not lecture students with boring bullet points and theories, instead we give you practical challenges and help you solve them, teaching you how to troubleshoot common issues and get the most out of this training. Training then continues after the course through our frequently updated training portal, for which you keep lifetime access, as well as unlimited email support.
Each section starts with a brief introduction to the Modern platform (i.e. Node.js) for that section and then continues with a look at static analysis, moves on to dynamic checks finishing off with a nice CTF session to test the skills gained.
Training Format
Lectures
10% of the training
Hands-on Labs
90% of the training
Prerequisite of Training Class
Hardware & Software: Attendees should bring
A laptop with the following specifications:
- Ability to connect to wireless and wired networks.
- Ability to read PDF files
- Administrative rights: USB allowed, the ability to deactivate AV, firewall, install tools, etc
- Knowledge of the BIOS password, in case VT is disabled.
- Minimum 8GB of RAM (recommended: 16GB+)
- 60GB+ of free disk space (to copy a lab VM and other goodies)
- VirtualBox 6.0 or greater, including the "VirtualBox Extension Pack"
Student / Prerequisites for attendees
This course has no prerequisites as it is designed to accommodate students with different skills:
- Advanced students will enjoy comprehensive labs, extra miles and CTF challenges
- Less experienced students complete what they can during the class, and can continue at their own pace from home using the training portal.
90%+ hands-on, 10% lecture. The course is mostly hands-on: The trainers introduce some concepts before each lab and then help the students overcome the challenges they face.
This course has no prerequisites as it is designed to accommodate students with different skills:
- Advanced students will enjoy comprehensive labs, extra miles and CTF challenges
- Less experienced students complete what they can during the class, and can continue at their own pace from home using the training portal.
This said, the more you learn about the following ahead of the course, the more you will get out of the course:
- Linux command line basics
Instructor
Abraham Aranguren
Senior Security Consultant
7ASecurity
Abraham Aranguren is a seasoned security professional with extensive experience in web application security. He specializes in penetration testing and security training, helping organizations secure their web applications against modern threats.
With years of hands-on experience in the field, Abraham has developed a deep understanding of web application vulnerabilities and attack vectors, which he brings to this comprehensive training.