Web Hacking
Immunity's Web Hacking course focuses on understanding common web hacking techniques by having students exploit vulnerable systems. Security professionals with some hands on web hacking experience will get the most out of this course. Immunity's trainers have developed a prerequisite evaluation for all potential students to take prior to signing up for the WebHacking class. This evaluation will help ensure that this class is right for you.
For additional information, pricing quotes, or a copy of the prerequisite evaluation, please send an email to .
Web Hacking Syllabus*
Day One
- Introduction to XSS
- Reflected XSS
- Stealing cookies
- Stealing the DOM
- Persistent XSS
- DOM based XSS
- CSRF
- Filter evasion External XML Entities
- Single includes
- Out of band exfiltration techniques
Day Two
- Command Injection
- Linux
- Windows
- Blind command injection Post Exploitation
- Getting the most recon value out of compromised Linux hosts
- Privilege escalation
Day Three
- SQL Injection
- Sighted SQLi
- Blind SQLi
- Error vs. timing
- Authoring SQLi scripts
Day Four
- Web Crypto
- ECB
- CBC
- Padding Oracles
* class syllabus is subject to change
(ISC)2 CPE CREDIT INFORMATION
All of Immunity's training courses offer Continuing Professional Education (CPE) credits.
If you are interested in earning credits, just let Immunity know in advance.
| COURSE | * CPE CREDITS | CERTIFICATIONS |
|---|---|---|
| Web Hacking | 28 | CISSP, CSSLP, SSCP |
| Linux Kernel Exploitation | 28 | CISSP, CSSLP, SSCP |
|
* Total potential credits |
LATEST IN
IMMUNITYMEDIA
BLOG
BLOG
Visit @immunityinc on Twitter