LASCON 2017 has ended
View analytic
Tuesday, October 24 • 9:00am - 5:00pm
Web Application Hacking w/ Brandon Perry (Day 1) LIMITED

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Limited Capacity seats available

Paid Training Ticket Required

The first day of this class focuses on teaching how to start finding and exploiting common web application vulnerabilities (Cross-Site Scripting, SQL Injection, Remote Command/Code Execution), first by hand, and then with common tools.

Real world web applications are used to demonstrate each vulnerability, after learning the basics in an intentionally vulnerable web application called BadStore.

Students end the day having covered the basics of the most prevalent types of web application vulnerabilities, as well as seeing how these can impact applications in the real world.

The second day of training takes the real world vulnerabilities from the previous day to the next level, we quickly rehash by exploiting them by hand using Burp Suite or common tools. Then we weaponize the vulnerabilities while learning the ropes of writing Metasploit exploit and auxiliary modules.

By the end of the day, we will have written two exploit modules and one auxiliary module.  


Brandon Perry

Brandon Perry has been writing C# applications since the advent of the open source .NET implementation Mono. In his free time, he ­enjoys writing modules for the Metasploit framework, parsing binary files, and fuzzing things. He is the co-author of Wicked Cool Shell Scripts, 2nd Edition (No Starch Press). He... Read More →

Tuesday October 24, 2017 9:00am - 5:00pm

Attendees (7)