NopSec and Bonsai Information Security presents "w3af Ninja Training Class"
June 17th / 18th 2009
NopSec, Inc. SOC
155 Water St., Brooklyn, NY 11201 USA
For Information and Registration visit:
http://tinyurl.com/w3afnyctraining
Introduction
Internet security threats are migrating from pure network-level attacks
to web server and web application attacks. The web application itself
has become the new security perimeter, and is wide open to the new
generation of attacks. That's the reason why is very important for IT
security staff to have cutting- edge knowledge of web application
security vulnerability testing techniques and tools.
Overview
w3af is a Web Application Attack and Audit Framework. The project goal
is to create a framework to find and exploit web application
vulnerabilities that are both easy to use and extend. The project
started back in 2006 with only one developer but it is now developed and
supported by a team of Web Application Hackers and Open Source experts
around the world. The w3af ninja training course is focused on manual
and automated discovery and exploitation of web application
vulnerabilities using w3af. During this course you'll also learn how to
write your own exploits and customized plugins in order to achieve your
goals during a web application penetration test.
This course is an intense hands-on class in which you won't stop
learning for a minute. In each practice we'll focus on a particular type
of web application vulnerability which will be analyzed and understood
manually and then it's detection and exploitation is automated using w3af.
All around the training interesting plugin code snippets will be subject
to analysis and modification, which will give you great understanding of
the framework and will also give you the means to automate your future
web application penetration tests.
