lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 26 May 2009 16:43:16 -0400
From: Michelangelo Sidagni <>
Subject: W3af ninja training class in NYC

NopSec and Bonsai Information Security presents "w3af Ninja Training Class"

June 17th / 18th 2009

NopSec, Inc. SOC

155 Water St., Brooklyn, NY 11201 USA

For Information and Registration visit:


Internet security threats are migrating from pure network-level attacks 
to web server and web application attacks. The web application itself 
has become the new security perimeter, and is wide open to the new 
generation of attacks. That's the reason why is very important for IT 
security staff to have cutting- edge knowledge of web application 
security vulnerability testing techniques and tools.


w3af is a Web Application Attack and Audit Framework. The project goal 
is to create a framework to find and exploit web application 
vulnerabilities that are both easy to use and extend. The project 
started back in 2006 with only one developer but it is now developed and 
supported by a team of Web Application Hackers and Open Source experts 
around the world. The w3af ninja training course is focused on manual 
and automated discovery and exploitation of web application 
vulnerabilities using w3af. During this course you'll also learn how to 
write your own exploits and customized plugins in order to achieve your 
goals during a web application penetration test.

This course is an intense hands-on class in which you won't stop 
learning for a minute. In each practice we'll focus on a particular type 
of web application vulnerability which will be analyzed and understood 
manually and then it's detection and exploitation is automated using w3af.

All around the training interesting plugin code snippets will be subject 
to analysis and modification, which will give you great understanding of 
the framework and will also give you the means to automate your future 
web application penetration tests.

Powered by blists - more mailing lists