MDSec works at the forefront of Application Security. Our latest edition of the Web Application Hacker’s Handbook [Wiley, 2011] spans 870 pages, and we run numerous global training courses on web application security for development teams, and professional testers alike. The course follows the chapters of the Second Edition of The Web Application Hacker’s Handbook, with strong focus on practical attacks (there are only 140 slides in either of the 2 or 3 day courses).
Our WAHH Live Course has been delivered at BlackHat, HiTB, Syscan, Countermeasure and 44con, and has been recently reinforced with the 2nd Edition of the Web Application Hacker’s Handbook, bringing you right up to date.
The course is highly practical. There are only 140 slides in the course, which relies primarily on 400+ vulnerable examples from all of the chapters of the book, and a Capture the Flag exercise. We have made one of the main servers we use available online; if you want to see inside the labs you can view the demo.
Our course features Burp Suite at its heart. Whilst many experienced Web Application testers may be currently using Burp, there are often many options and extended capabilities that users do not have time to investigate on time-limited assessments.
If requested, MDSec’s training can be adapted and extended to help you learn more about Burp suite, including:
Meanwhile, if the above is unfamiliar territory, you can be reassured that if you want a full “zero to hero” approach, we can take you through from the basics of the HTTP Protocol, setting up the tool for optimal use, the capabilities and use of each of the key portions of Burp Suite, and get you performing both automated and manual web application tests. QA Teams love it!
After a short introduction to the subject we delve into common insecurities in logical order:
Attendees will gain theoretical and practical experience of:
For more detailed information about the course’s practical structure, see the Web Application Hacker’s Methodology chapter from the original version of the book.
To see the practical exercises, in action, please visit our demo.
Related services include:
Speak to one of our industry experts and find out how MDSec can help your business.
+44 (0) 1625 263 503