lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <1243370224.6078.36.camel@morpheuslaw>
Date: Tue, 26 May 2009 16:37:04 -0400
From: Michelangelo Sidagni <msidagni@...sec.com>
To: pen-test@...urityfocus.com, isn@...osecnews.org,
	dailydave@...ts.immunitysec.com, bugtraq@...urityfocus.com,
	webappsec@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: W3af ninja training class in NYC

NopSec and Bonsai Information Security presents "w3af Ninja Training
Class"


June 17th / 18th 2009

NopSec, Inc. SOC

155 Water St., Brooklyn, NY 11201 USA


For Information and Registration visit:

http://tinyurl.com/w3afnyctraining



Introduction

Internet security threats are migrating from pure network-level attacks
to web server and web application attacks. The web application itself
has become the new security perimeter, and is wide open to the new
generation of attacks. That's the reason why is very important for IT
security staff to have cutting- edge knowledge of web application
security vulnerability testing techniques and tools.

Overview

w3af is a Web Application Attack and Audit Framework. The project goal
is to create a framework to find and exploit web application
vulnerabilities that are both easy to use and extend. The project
started back in 2006 with only one developer but it is now developed and
supported by a team of Web Application Hackers and Open Source experts
around the world. The w3af ninja training course is focused on manual
and automated discovery and exploitation of web application
vulnerabilities using w3af. During this course you'll also learn how to
write your own exploits and customized plugins in order to achieve your
goals during a web application penetration test.

This course is an intense hands-on class in which you won't stop
learning for a minute. In each practice we'll focus on a particular type
of web application vulnerability which will be analyzed and understood
manually and then it's detection and exploitation is automated using
w3af.

All around the training interesting plugin code snippets will be subject
to analysis and modification, which will give you great understanding of
the framework and will also give you the means to automate your future
web application penetration tests.

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ