Gear up for an awesome lineup of Free Online Workshops in January. Join us for an exciting journey where we present you a comprehensive review of interesting security flaws in Modern apps. Also, get to know about RCE & Prototype pollution attacks on Web Apps and deeplinks & XSS in Mobile apps.
Free Workshop: Hacking Modern Web apps with RCE and Prototype Pollution
January 20, 18:00-19:00 CET
Through this brief 60-minute workshop we show you security anti-patterns in Web apps and how they could be abused. Consequently this course teaches you how to review modern web apps and is ideal for Pentesters and developers. Moreover, we give you few lab samples covering the following topics:
- RCE options against Node.js applications
- Introduction to Prototype Pollution
- Prototype Pollution attacks in practice
So, register now to join this 60-minute hacking session, we’re sure you’ll leave with a thirst for more!
Still can’t make it or need a head start? Get the Free Web workshop here.
Free Workshop: Practical Mobile app attacks by Example
January 27, 18:00-19:00 CET
Following up is the ever popular workshop on Mobile security where we review interesting security flaws in Android & iOS apps. This workshop covers anonymized juicy findings from reports that were not made public. Additionally we cover interesting vulnerabilities from open source apps, government mandated apps, password vaults and privacy browsers.
Join now if you are looking to broaden your knowledge on Mobile security.
Cannot make or need a head start? Get the Free mobile workshop here.
What do you get?
- Access to Free Online Workshops in January
- Lifetime access to a training portal
- Vulnerable apps to practice
- Guided exercise PDFs
- Video recording explaining how to solve the exercises
- Free access to all future updates
About the Speaker Note:
Abraham Aranguren: After 13 years in it sec and 20 in IT Abraham is now the CEO of 7ASecurity, a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Also a distinguished Security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other events. Co-Author and supervisor of all 7ASecurity courses, covering Web, Mobile and JavaScript Desktop app security. Creator of “Practical Web Defense” (PWD) – a hands-on attack / defense course. OWASP OWTF project leader, an OWASP flagship project owtf.org. Formerly a senior penetration tester / team lead at Cure53 and Version1.
As a shell scripting fan trained by unix dinosaurs, Abraham wears a proud manly beard. Major degree and Diploma in Computer Science, some certs: CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE:Security, MCSA:Security, Security+. He writes on Twitter as @7asecurity @7a_ @owtfp and 7asecurity Blog. Multiple presentations, pentest reports and recordings can be found here.
For the most up-to-date information about upcoming training events & Free online workshops check the training page.
