Pentest

Pentest Web Black Box Intermediate - 5 days

Description

Web applications represent a large part of the attack surface exposed on the Internet. As technology evolves, new vulnerabilities and exploitation methods continue to emerge, making the intrusion steps more complex.

During this five-day training, participants will study how the security mechanisms implemented in recent web applications work. The exercises, built from our experts' feedback, will allow them to refine their intrusion methods for exploiting complex vulnerabilities. Finally, through dedicated modules, learners will be able to understand the specifics of the Java, PHP, Python and ASP.NET languages and frameworks.

  • 5 days (35 hours) customizable

  • 9 course modules for Java, PHP, Python and ASP.NET

  • Over 30 hands-on exercises

Audience and prerequisites

This training is suitable for people with prior experience in web intrusion techniques. It is mainly intended for pentesters and developers.

  • Pentesters

  • Developers

Good networking and Unix knowledge is also recommended.

Content

Day 1

Burp Suite: advanced usage, limitations, shortcuts and automation mechanisms, extensions (AuthMatrix, Hackvertor, ActiveScan++). Reconnaissance: DNS enumeration, vhosts, fuzzing, web component identification.

Day 2

Fundamental security mechanisms: authentication (OAuth, JWT, SAML), session management (cookies, tokens, viewstates), password reset, access control, user input management. Advanced exploitation: XXE, SSRF, injections, SSTI, prototype pollution, cryptographic attacks, GraphQL, specifics of cloud environments.

Day 3

Java: recognition and identification of frameworks (extensions, endpoints, headers, administrative interfaces), exploitation of specific vulnerabilities (XXE, HQL injections, deserialization, expression languages, JNDI, path traversals).

Day 4

PHP: recognition and identification of frameworks (endpoints, errors, headers), security functions (session management, sanitization), exploitation of specific vulnerabilities (type juggling, stream wrappers and filters, deserialization and design of complex POP chains, XXE), post-exploitation (fileless execution, disable_functions bypasses).

Day 5

Python Django: attack surface exposure (debug mode, cookie signing, DTL and Jinja2 template injection). ASP.NET: fundamentals, recognition, exploiting specific behaviors (deserialization, ViewState, Web.config, SSTI (Razor), XXE).