Gear up for Free Web & Mobile Security Workshops this November to take your Appsec Kung-Fu to the next level. From RCE & Prototype Pollution in Web apps to deeplinks & XSS in Mobile apps, we present you a comprehensive review of interesting security flaws in Modern apps.
Free Workshop: Hacking Modern Web apps with RCE and Prototype Pollution
November 11, 18:00-19:00 CEST
In this brief 60-minute workshop we show you security anti-patterns in Web apps and how they could be abused. Consequently this course will teach you how to review modern web apps and is Ideal for Penetration Testers & Web app Developers. Additionally, we give you few lab samples covering the following topics:
- RCE options against Node.js applications
- Introduction to Prototype Pollution
- Prototype Pollution attacks in practice
Moreover, all attendees are provided Lifetime access to Training Portal with all course materials.
So, register now to join this 60-minute hacking session, we’re sure you’ll leave with a thirst for more!
Cannot make or need a head start? Get the Free Web workshop here.
Free Workshop: Practical Mobile app attacks by Example
November 25, 18:00-19:00 CEST
Following up will be our ever popular workshop on Mobile security where we review of interesting security flaws in Android & iOS apps. In short this workshop covers anonymized juicy findings from reports that we could not make public over the years. Additionally we cover interesting vulnerabilities from open source apps, government mandated apps, password vaults and privacy browsers.
So are you looking to broaden your knowledge of mobile security with actionable information derived from real-world penetration testing of mobile apps? Yes, then come and join us for this 60 minute workshop, we’re sure you’ll leave with a thirst for more!
Cannot make or need a head start? Get the Free mobile workshop here.
What do you get?
- Lifetime access to a training portal
- Vulnerable apps to practice
- Guided exercise PDFs
- Video recording explaining how to solve the exercises
- Free access to all future updates
About the Speaker Note
Abraham Aranguren: After 13 years in it sec and 20 in IT Abraham is now the CEO of 7ASecurity, a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Also a distinguished Security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other events. He is the creator of “Practical Web Defense” – a hands-on eLearnSecurity attack / defense course elearnsecurity/PWD. Moreover an OWASP OWTF project leader, an OWASP flagship project owtf.org. Formerly a senior penetration tester / team lead at cure53.de and version1.
As a shell scripting fan trained by unix dinosaurs, Abraham wears a proud manly beard. Major degree and Diploma in Computer Science, some certs: CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE:Security, MCSA:Security, Security+. He writes on Twitter as @7asecurity @7a_ @owtfp and 7asecurity Blog. Multiple presentations, pentest reports and recordings can be found here.
For the most up-to-date information about upcoming training events & Free online workshops check the training page.