Free Live Online Workshops in December

Tired of bad news? Here’s some free training! 🙂

Join now to take advantage of two Free Live Online Workshops in December. Get introduced to Desktop & Mobile App Security by the best. 100% hands on, these workshops are filled with practical information that you can immediately apply to work, no boring theories about the universe 😉

Hacking JavaScript Desktop apps with XSS & RCE

Get introduced to XSS and learn how to turn XSS into RCE in JavaScript desktop apps. This 60 minute workshop is packed with case studies from real-world vulnerable applications. Also, covers attacks and mitigation against desktop apps on Linux, Windows and Mac OS X.

Topics Covered:

  • Essential techniques to audit Electron applications
  • What XSS means in a desktop application
  • How to turn XSS into RCE in Modern apps
  • Attacking preload scripts
  • RCE via IPC

Join now to be part of this Free 60 minute workshop on December 9th, 2021 at 18:00 – 19:00 CET.

Cannot make it or need a head start? Get the Free Desktop Workshop here.

Free live online workshops
Deep Links & XSS in Android and iOS apps

Take a deep dive into Android & iOS security and explore Deep Link attacks & data exfiltration with XSS. Broaden your knowledge of mobile security with actionable information derived from real-world penetration testing of mobile apps.

Topics Covered:

  • Deep Link attacks achieving user impersonation
  • Bypass authorization controls using deep Link attacks
  • Deep Link attacks to make phone calls
  • XSS attacks and data exfiltration on Android & iOS

Join now to get a chance to attend this live workshop on December 16th, 2021 at 18:00 – 19:00 CET.

Cannot make or need a head start? Get the Free Mobile workshop here.

Free live online workshops
What do you get?
  • Access to Free Live Online Workshops
  • Lifetime (!) workshop access
  • Free access to all future updates (!!)
  • Vulnerable apps to practice
  • Guided exercise PDFs
  • Video recording explaining how to solve the exercises
  • (Optional) Certificate of Attendance
About the Speaker Note:

Abraham Aranguren: After 13 years in it sec and 20 in IT Abraham is now the CEO of 7ASecurity, a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Also a distinguished Security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other events. Co-Author and supervisor of all 7ASecurity courses, covering Web, Mobile and JavaScript Desktop app security. Creator of “Practical Web Defense” (PWD) – a hands-on attack / defense course. OWASP OWTF project leader, an OWASP flagship project owtf.org. Formerly a senior penetration tester / team lead at Cure53 and Version1.

As a shell scripting fan trained by unix dinosaurs, Abraham wears a proud manly beard. Major degree and Diploma in Computer Science, some certs: CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE:Security, MCSA:Security, Security+. He writes on Twitter as @7asecurity @7a_  @owtfp and 7asecurity Blog. Multiple presentations, pentest reports and recordings can be found here.

For the most up-to-date information about upcoming training events & Free online workshops check the training page.