RSS feed logo header graphic

Black Hat USA 2009 Weekend Training Session

July 25-26

Black Hat USA 2009 Weekday Training Session

July 27-28

Hacking by Numbers: Web 2.0


Register Button


We were actually enjoying the web as it was, but apparently it was time for an upgrade. Hello Web 2.0. Hello social networking, wikis, RSS, blogs and user-driven content. Hello web services, SOAP and REST. Hello XML, Javascript, AJAX, and Silverlight.

Web 2.0 is a perceived or proposed second generation of the web. According to Tim O'Reilly: "Web 2.0 is the business revolution in the computer industry caused by the move to the Internet as platform, and an attempt to understand the rules for success on that new platform."

Web 2.0 is a whole new world and Hacking By Numbers - Web 2.0 Edition is a course designed to prepare you for it. Brought to you by the same team that created the successful 'Bootcamp' and 'Combat' editions, "Web 2.0 Edition" focuses on the knowledge, skills, tools and thinking techniques required to understand security and hacking in the Web 2.0 world.

Hello XSS, XSRF, XSRT and friends!

HBN Web 2.0 Edition is aimed primarily at understanding how we attack the "Web 2.0" technologies and concepts. The course builds off Bootcamp Edition (it is therefore a more advanced course) but is still be structured, practical and extremely hands-on in the established "Hacking By Numbers" tradition.

Topics include:

  • Hacking Web Applications Refresher
  • Understanding Web 2.0 - concepts and technologies
  • Getting under the hood - A Web Services and Javascript Refresher
  • Hacking Web Services
  • Hacking the User - XSS Foo
  • Hacking the New Kids - AJAX, JSON, SOAP, RSS and the crew
  • Games and Hacking - How we hack games and how we're actually always hacking games

The course is full of brand new content and brand new labs and cutting-edge emulations.

Course Length

Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered.


Haroon Meer is currently SensePost's director of Development (and coffee drinking). He specializes in the research and development of new tools and techniques for network penetration and has released several tools, utilities and white-papers to the security community. He has been a guest speaker at many Security forums including the Black Hat Briefings. Haroon doesn't drink tea or smoke camels.

Charl van der Waltis a founding member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish.

Register Button
Super Early:
Ends Mar 15
Ends May 1

Ends Jul 1

Ends Jul 22







Black Hat Webcasts

Black Hat Social

About Black Hat | Privacy Policy | Sponsorship Inquiry | DEFCON | Black Hat Main RSS Feed