THIS STUDY GROUP IS FULL! PLEASE JOIN THE WAITLIST. WE WILL DO OUR BEST TO NOTIFY YOU SHOULD A SPACE COME OPEN.
Are you looking to get into web application pentesting or bug bounty hunting? Join our study group! This will be a hands-on study group where we will practice, practice, practice. We will study common web app vulnerabilities, exploit them on vulnerable web apps, and understand how to remediate them.
This study group is free, but will be available to paying members only. Not a member? Join here.
This will be held online every Wed from 600p - 900p PST via join.me. We plan to repeat this study group once the cycle is over. Tune in to the information session on May 8 to get more details!
These vulnerable application/virtual machines will be used for the study group:
Mutillidae 2
Webgoat
RailsGoat
Security Shepherd
DVWA
bWAPP
Juice Shop
Hackazon
May 8 - Info/pre-start session
May 15 - Map application with Burp & other tools
May 22 - Security Misconfiguration + Sensitive Data Exposure + Using Components with Known Vulnerabilities
May 29 - Broken Authentication & Session Management
June 5 - Broken Access Controls + Insecure Direct Object References + Missing Function Level Access Control
June 12 - Injection (Other)
June 19 - Injection (SQL)
June 26 - Unvalidated Redirects and Forwards aka Open Redirects + SSRF
July 10 - Cross Site Scripting (XSS)
July 17 - Cross Site Request Forgery (CSRF)
July 24 - Insecure Deserialization
Any Date - Self/company assessment
|