Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation (100% Hands-On Labs) (inglise keeles)
Kas oled kunagi mõelnud veebirakenduste ründamisele lõbu või kasu eesmärgil? Aga kuidas oleks mängida ehtsate ja auhinnatud turvavigadega (award-winning security bugs), mis on leitud tuntud ettevõtete süsteemidest? Kui sa ei karda süveneda detailidesse ja sukelduda täismahus ründeanalüüsi, siis on see praktiline Black Belt Pentesting koolitus just sinu jaoks!
Koolituse maht: Koolituse kogumaht on 14 akadeemilist tundi, mis kõik on auditoorse ja praktilise töö tunnid (2 päeva)
Varajase registreeruja hind: 1190€ + km (registreerumisel kuni 14. detsember 2025 k.a).
Sihtgrupp:
- penetration testers, ethical hackers, red and blue team members, SOC analysts;
- software developers, software testers, security engineers, security consultants.
The course is suitable for security people and developers, testers, QA engineers as well.
Koolitusel osalemise eeldused:
- inglise keele oskus – koolitus viiakse läbi inglise keeles, harjutusülesanded on inglise keeles.
- To get the most of this Black Belt Pentesting training intermediate knowledge of web application security is needed. Students should be familiar with common web application vulnerabilities and have experience in using a proxy, such as Burp Suite Proxy, or similar, to analyze or modify the traffic.
Tehnilised eeldused arvutile: Students will need a laptop with 64-bit operating system, at least 8 GB RAM, 35 GB free hard drive space, administrative access, ability to turn off AV/firewall and VMware Player/Fusion installed (64-bit version). Prior to the training, make sure there are no problems with running x86_64 VMs. Please also make sure that you have Internet Explorer 11 installed on your machine or bring an up-and-running VM with Internet Explorer 11 (for a few labs).
Koolituse eesmärk
The objective of this Black Belt Pentesting training course is to teach you how bug hunters think and how to hunt for and exploit vulnerabilities effectively.
Koolituse kirjeldus
Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified at some of the greatest companies? If that sounds interesting, join this unique and truely hands-on Black Belt Pentesting training.
The trainer Dawid Czagan will present security bugs found in a number of bug bounty programs (including Google, Yahoo, Mozilla, Twitter and others). You will learn how bug hunters think and how to hunt for and exploit vulnerabilities effectively.
To be successful in bug hunting, you need to go beyond automated scanners. If you are not afraid of going into detail and diving into full-stack exploitation, then this hands-on Black Belt Pentestin gtraining is for you. There is a lab exercise for each attack presented in this training + students can take the complete lab environment home after the training session. The trainer Dawid Czagan has found security bugs in many companies including Google, Yahoo, Mozilla, Twitter and in this training he’ll share his experience with you.
What Students Will Receive
Students will be handed in a VMware image with a specially prepared testing environment to play with all bugs presented in this training. When the training is over, students can take the complete lab environment home (after signing a non-disclosure agreement) to hack again at their own pace.
Eriboonus: hinnas sisaldub TASUTA ligipääs kuuele veebikursusele:
- Start Hacking and Making Money Today at HackerOne
- Keep Hacking and Making Money at HackerOne
- Case Studies of Award-Winning XSS Attacks: Part 1
- Case Studies of Award-Winning XSS Attacks: Part 2
- DOUBLE Your Web Hacking Rewards with Fuzzing (aka Fuzzing with Burp Suite Intruder)
- How Web Hackers Make BIG MONEY: Remote Code Execution
Pärast selle koolituse läbimist oled õppinud järgmist:
- REST API hacking
- AngularJS-based application hacking
- DOM-based exploitation
- bypassing Content Security Policy
- server-side request forgery
- browser-dependent exploitation
- DB truncation attack
- NoSQL injection
- type confusion vulnerability
- exploiting race conditions
- path-relative stylesheet import vulnerability
- reflected file download vulnerability
- hacking with wrappers
- subdomain takeover
- remote cookie tampering
- non-standard XSS attacks
- hijacking tokens via PDF
- XML attacks
- deserialization attacks
- HTTP parameter pollution
- bypassing XSS protection
- hacking with polyglot
- clickjacking attack
- window.opener tabnabbing attack
- RCE attacks
- and more…
Koolitus toimub koostöös Silesia Security Lab
Samuti võib sind huvitada ka koolitus: Full-Stack Pentesting Laboratory (100% Hands-On Labs + Lifetime LAB Access)
Koolitaja
Koolitaja Dawid Czagan on rahvusvaheliselt tunnustatud küberturbe uurija ja koolitaja ning Silesia Security Labi asutaja ja tegevjuht. Ta on kantud HackerOne’i top-häkkerite hulka. Dawid Czagan on avastanud turvaauke ettevõtetes nagu Apple, Google, Mozilla, Microsoft ja paljudes teistes. Tänu mitmete leitud haavatavuste (bugs) kõrgele riskitasemele, on ta saanud arvukalt auhindu.
Dawid Czagan jagab oma ründe- ja küberkaitse valdkonna kogemusi praktiliste koolituste kaudu. Ta on viinud läbi koolitusi valdkonna juhtivatel konverentsidel, sealhulgas DEF CON (Las Vegas), OWASP Global AppSec EU (Barcelona), Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Pariis), NorthSec (Montreal), HITB GSEC (Singapur) ning paljudele ettevõtete klientidele. Tema õpilaste hulka kuuluvad turvaspetsialistid sellistest ettevõtetest nagu Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips ning valitsussektorist.
Osalejate tagasisidet ja soovitusi saab lugeda Dawid Czagan’i LinkedIni profiililt. Need on kättesaadavad ka siin: Silesia Security Lab
Koolituse teemad
Päev 1
1) Advanced SSRF attacks (90 minutes)
- SSRF: reading the SecretAccessKey of an application hosted on AWS
- SSRF: Jenkins shutdown
- SSRF: deleting ElasticSearch database
2) Exploiting type confusion and DB truncation (45 minutes)
- Bypassing authentication via type confusion
- DB truncation: changing the admin’s password
3) Hacking AngularJS applications (75 minutes)
- AngularJS: Template injection and $scope hacking
- AngularJS: Going beyond the $scope
- AngularJS: Hacking a static template
4) Bypassing Content Security Policy (75 minutes)
- Bypassing CSP via Google’s ajax libraries CDN
- Bypassing CSP via Flash file
- Bypassing CSP via polyglot file
- Bypassing CSP via AngularJS
5) Hacking with wrappers (45 minutes)
- Source code disclosure via wrappers
- RCE via data: wrapper
- RCE via PHP input stream wrapper
6) Bypassing authorization and protection mechanisms (45 minutes)
- HTTP parameter pollution
- Bypassing XSS protection with Shift_JIS encoding
7) NoSQL injection attacks (45 minutes)
- NoSQL injection: MongoDB
- NoSQL injection: ElasticSearch
8) Exploiting race conditions (60 minutes)
- Race condition: stealing money from a bank (for educational purposes only)
- Race condition: reusing a one-time discount code
Päev 2
1) Non-standard XML attacks (45 minutes)
- SSRF via XML DOCTYPE
- SSRF via XML XInclude
- SSRF via XML External Entity
2) DOM XSS exploitation (90 minutes)
- DOM XSS via location.hash
- DOM XSS via JSON
- DOM XSS via cookie
3) Browser-dependent exploitation (90 minutes)
- Token hijacking via PDF file
- Account takeover via clickjacking
- XSS via Path-Relative Stylesheet Import Vulnerability (PRSSI)
4) Reflected file download vulnerability (60 minutes)
- Reflected File Download (RFD) with callback
- Reflected File Download (RFD) with callback and JScript
- Reflected File Download (RFD) without callback
5) Deserialization attacks (60 minutes)
- RCE via deserialization (Python)
- RCE via deserialization (Java)
- Path traversal via deserialization (PHP)
6) Advanced full-stack attacks (60 minutes)
- Subdomain takeover
- User redirection via window.opener tabnabbing
- RCE via AddHandler
7) Q&A session (30 minutes)
Läbistustestimine (penetration testing) teooria kinnistatakse praktiliste laborite abil.
Koolituse õpiväljundid
Koolituse edukal läbimisel osaleja:
- knows how bug hunters think and how to hunt for and exploit vulnerabilities effectively.
Koolitushind sisaldab:
- koolitus viiakse läbi koolitaja poolt, kes omab vähemalt täiskasvanute koolitaja taset 5 või töökogemust vastavas valdkonnas.
Õppekeskkonna kirjeldus: Õppekorralduse alused (alapunkt 8)
Täiendkoolituse õppekava rühm: tarkvara ja rakenduste arendus ning analüüs (0613 ISCED)
Koolitaja
-
Dawid CzaganAn internationally recognized security researcher and trainer. He is listed among top hackers at HackerOne. Due to the severity of many bugs, he received numerous awards for his findings.Dawid Czagan is an internationally recognized security researcher and trainer. He is listed among top hackers at HackerOne. Dawid Czagan has found security bugs in Apple, Google, Mozilla, Microsoft and many others. Due to the severity of many bugs, he received numerous awards for his findings.
Dawid Czagan shares his offensive security experience through his hands-on training courses. He has delivered training sessions at key industry conferences such as DEF CON (Las Vegas), OWASP Global AppSec EU (Barcelona), Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Paris), NorthSec (Montreal), HITB GSEC (Singapore) and for many corporate clients. His students include security specialists from Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips and government sector (recommendations are available on Dawid Czagan’s LinkedIn profile (https://www.linkedin.com/in/dawid-czagan-85ba3666/). They can also be found here: https://silesiasecuritylab.com/services/training/#opinions).
