This course is the culmination of years of experience gained through practical penetration testing of Modern Web and Desktop applications, as well as countless hours spent doing research. We have structured this course around the OWASP Security Testing Guide; it covers the OWASP Top Ten and specific attack vectors against Modern Web and Desktop apps. This course provides participants with actionable skills that can be applied immediately from day 1.
Please note that our courses are 100% hands-on. We do not lecture students with boring bullet points and theories; instead, we give you practical challenges and help you solve them, teaching you how to troubleshoot common issues and get the most out of this training. Training then continues after the course through our frequently updated training portal, for which you keep lifetime access, as well as unlimited email support.
Each day starts with a brief introduction to that day's Modern platform (i.e. Node.js, Electron), continues with a look at static analysis, moves on to dynamic checks, and finishes with a nice CTF session to test the skills gained.
Day 1: Focused specifically on Hacking Modern Web Apps: We start with understanding Modern Web Apps and then deep dive into static and dynamic analysis of the applications at hand. This day is packed with hands-on exercises and CTF-style challenges.
Day 2: Focused on Hacking Modern Desktop Apps: We start with understanding Modern Desktop apps and various security considerations. We then focus on static and dynamic analysis of the applications at hand. The day is filled with hands-on exercises ending with a CTF for more practical fun.
Day 3: Dedicated to Advanced Modern Web & Desktop App Attacks: We cover advanced attacks specifically targeting Modern Web & Desktop Apps, such as dumping memory, prototype pollution, deserialization attacks, OAuth, JWT flaws and more. The day is full of hands-on exercises and ends with CTF-style open challenges for additional practice.