Are you the kind of person who enjoys Workshops with practical information that you can immediately apply to your work? “Hacking Modern Desktop apps: Master the Future of Attack Vectors” is a desktop app security course that provides you with case studies from real-world vulnerable applications.
Register now to learn techniques to take your desktop app security auditing kung-fu to the next level.
The course (Hacking Modern Desktop apps) covers attacks and mitigation against desktop apps on Linux, Windows and Mac OS X with focus on Electron apps. And yet techniques covered will be helpful against other desktop platforms, CSP bypasses and other web security techniques.
This brief 60-minute workshop explains what the course covers along with few lab samples covering the following topics:
- Essential techniques to audit Electron applications
- What XSS means in a desktop application
- How to turn XSS into RCE in Modern apps
- Attacking preload scripts
- RCE via IPC
Attendants will be provided with training portal access to practice the attack vectors covered. This includes:
- Lifetime access to a training portal
- Vulnerable apps to practice
- Guided exercise PDFs
- Video recording explaining how to solve the exercises
Come and join us for this 60-minute hacking session, we’re sure you’ll leave with a thirst for more!
From new to advanced, content should keep all skill levels happy
Abraham Aranguren: After 13 years in itsec and 20 in IT Abraham is now the CEO of 7ASecurity (7asecurity.com), a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other events. Former senior penetration tester / team lead at Cure53 (cure53.de) and Version 1 (www.version1.com). Creator of “Practical Web Defense” – a hands-on eLearnSecurity attack / defense course (www.elearnsecurity.com/PWD), OWASP OWTF project leader, an OWASP flagship project (owtf.org), Major degree and Diploma in Computer Science, some certs: CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE:Security, MCSA:Security, Security+. As a shell scripting fan trained by unix dinosaurs, Abraham wears a proud manly beard. He writes on Twitter as @7asecurity@7a_@owtfp or https://7asecurity.com/blog. Multiple presentations, pentest reports and recordings can be found at https://7asecurity.com/publications
For the most up-to-date information about upcoming training events, including free workshops, check this.
New Year Sale is on! Check here