Instructor: Kizz Myanthia
This course will introduce the attendees to the concepts of Information Security, the security issues that plague all applications today, learn how to create an attack strategy, and execute against the problem. This course will encompass both common and easily exploitable vulnerabilities and the more advanced or custom exploits and techniques that attackers use in the real world. We will discuss what motivates an attacker, what the types of mindsets are, and what tools they will most likely use. “The White Whale” will give the attendee an opportunity to learn the fundamentals of Information and Application security through hands on training and QA Lecture. We will work to understand both application and host vulnerabilities and exploits. This class will not only guide a novice tester or admin into the mindset of an attacker, but will give the advanced tester a deeper understanding of IS and application security issues and how to detect, attack, and defend against them.
All students will leave with an in-depth understanding of not only why and how these vulnerabilities are found, but also all of the tools and techniques needed to execute them.
- Protocol Issues
- Platform or Host Vulnerabilities (Services and Ports)
- OWASP Top 10 Vulnerabilities (Understanding and Exploitation)Attack the User
- MITM (Session Hijacking, Snooping, Sniffing)
- Leveraging the information gained to impersonate an authorized user- Phishing Attacks (How to clone and impersonate a site, Click-jacking, Custom Java code embedding and execution
About The Instructor
Infosec specialist whose qualifications include an indepth understanding of security principals and practices; C|EH, MCSE+Security designations; and detailed knowledge of security tools, technologies and development. Seven years of security experience in the creation and deployment of solutions protecting networks, systems and information assets for diverse companies and organizations, with over 10 years overall in the industry.
Title: Hunting The White Whale – Offensive Application Pentesting
Instructor: Kizz Myanthia
Date: 6/3/2015, 9AM-5PM
Class Size: 20 seats are available total (register early!)
Prerequisites: This course is most useful for anyone that wants to learn how the “Hacker” mindset works, the Information Security administrator, Pentester, or anyone else that wants to gain the knowledge of how a malicious Hacker executes successful attacks. This class is focused on real-world issues and will focus on having the student use the techniques to understand each step.
Class Requirements: Your own laptop with a Virtual Instance of Kali Linux (the instructor can’t provide tech support) and a moderate understanding of PenTesting vocabulary.
RVAsec Announce Signup