We will not teach you how to run Nessus and Nmap, nor tell you to have a SNMP policy.

We will teach you to write exploits and how to attack.

Web Hacking

Immunity's Web Hacking course focuses on understanding common web hacking techniques by having students exploit vulnerable systems. Security professionals with some hands on web hacking experience will get the most out of this course. Immunity's trainers have developed a prerequisite evaluation for all potential students to take prior to signing up for the WebHacking class. This evaluation will help ensure that this class is right for you.

For additional information, pricing quotes, or a copy of the prerequisite evaluation, please send an email to training@immunityincdotcom.

Web Hacking Syllabus*

Day One

  • Introduction to XSS
  • Reflected XSS
  • Stealing cookies
  • Stealing the DOM
  • Persistent XSS
  • DOM based XSS
  • CSRF
  • Filter evasion External XML Entities
  • Single includes
  • Out of band exfiltration techniques

Day Two

  • Command Injection
  • Linux
  • Windows
  • Blind command injection Post Exploitation
  • Getting the most recon value out of compromised Linux hosts
  • Privilege escalation

Day Three

  • SQL Injection
  • Sighted SQLi
  • Blind SQLi
  • Error vs. timing
  • Authoring SQLi scripts

Day Four

  • Web Crypto
  • ECB
  • CBC
  • Padding Oracles

* class syllabus is subject to change

(ISC)2 CPE CREDIT INFORMATION

All of Immunity's training courses offer Continuing Professional Education (CPE) credits.
If you are interested in earning credits, just let Immunity know in advance.

COURSE * CPE CREDITS CERTIFICATIONS
Virtual Canvas Training (VCT) 10 CISSP
Web Hacking Language Review 7 CISSP, CSSLP, SSCP
Wide Open To Interpretation 21 CISSP, CSSLP, SSCP
Web Hacking 28 CISSP, CSSLP, SSCP
Click Here For Ring0 28 CISSP, CSSLP, SSCP
Master Track: Applied Cryptanalysis 28 CISSP, CSSLP, SSCP
Master Track: Kernel Exploitation 28 CISSP, CSSLP, SSCP

* Total potential credits

LATEST IN

IMMUNITYMEDIA

TWITTER
VIDEOS
PRODUCT
BLOG
SERVICES
BLOG