Assessing and Exploiting Web Applications with Samurai-WTF

InGuardians


Register Now // july 26 - 27


USA 2010 Weekday Training Session //CANCELLED


Overview:

This course will focus on using open source tools to perform web application assessments. The course will take attendees through the process of application assessment using the open source tools included in the Samurai Web Testing Framework Live CD (Samurai-WTF). Day one will take students through the steps and open source tools used to assess applications for vulnerabilities. Day two will focus on the exploitation of web app vulnerabilities, spending half the day on server side attacks and the other half of the day on client side attacks. The latest tools and techniques will be use throughout the course, including several tools developed by the trainers themselves.

Teaching Methods:

This course will be very lab intensive with limited lecture and demonstration of the features and use of each tool.

Who Should Attend:

Individuals with a basic understanding of web application vulnerabilities and attacks. This course will focus on use of the tools, not the theories behind the attacks.

Student Requirements:

  • Laptop with VMware Player
  • 4 GB of hard drive space for vir3
  • 2 GB of RAM

What you get:

  • Digital copy of the slides
  • Two virtual machines (each less then 2GB in size)

Trainers:

Justin Searle a Senior Security Analyst with InGuardians, specializes in penetration testing and security architecture. Justin currently leads the Smart Grid Architecture group of the Cybersecurity Coordination Task Group (CSCTG) for the National Institute of Standards and Technologies (NIST) and serves as a member of the Architecture Board for the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG) group. Previously, Justin served as JetBlue Airway’s IT Security Architect and has provided top- tier support for the largest supercomputers in the world. Justin has taught hacking techniques, forensics, networking, and intrusion detection courses for multiple universities and corporations. Justin has presented at top security conferences including DEFCON, ToorCon, ShmooCon, and SANS. Justin co-leads prominent open source projects including Samurai Web Testing Framework, The Middler, Yokoso!, and Laudnum. Justin has an MBA in International Technology and is CISSP and SANS GIAC-certified in incident handling and hacker techniques (GCIH) and intrusion analysis (GCIA).


Kevin Johnson is a Senior Security Analyst with InGuardians. Kevin came to security from a development and system administration background. He has many years of experience performing security services for fortune 100 companies, and in his spare time contributes to a large number of open source security projects. Kevin founded and leads the development on B.A.S.E. (the Basic Analysis and Security Engine) project. The BASE project is the most popular web interface for the Snort intrusion detection system. Kevin is an instructor for SANS, teaching both the Incident Handling and Hacker Techniques class and the Web Application Penetration Testing and Ethical Hacking class, which he is the author. He has presented to many organizations, including Infragard, ISACA, ISSA, RSA and the University of Florida.


Super Early:
Ends Apr 1

Early:
Ends May 15

Regular:
Ends Jun 15

Late:
Ends Jul 23

Onsite:

$2000

$2200

$2400

$2600

$2900