Web Penetration Testing



Overview

With the ubiquity of web applications, understanding their security and being able to audit them is a critical skill all security professionals should possess.

In this training, we will take you through the basics of modern web applications, their architectures, essential components, and common deployment scenarios on servers and in the cloud.

Our teaching methodology focuses on helping beginners learn essential concepts by trying every attack practically in our purpose-built labs. This ensures that at the end of this training you will have job-ready skills to begin your journey as a junior web application pentester.

Student Requirements:
- Basic knowledge of computers and networking
- Familiarity with the Linux operating system

Target Audience
Junior Pentesters, Developers, and Security Enthusiasts.

Course Content
- Basics and Fundamentals of Web Application
- Web Application Architectures
- OWASP Top 10

About the Trainers
Jeswin Mathai is a Senior Security Researcher at INE. Prior to joining INE, He was working as a senior security researcher at Pentester Academy (Acquired by INE). At Pentester Academy, he was also part of the platform engineering team who was responsible for managing the whole lab infrastructure. He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo labs (DEFCON). He has also been a co-trainer in classroom trainings conducted at BlackHat Asia, HITB, RootCon, OWASP NZ Day. He has a Bachelor degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. His area of interest includes Cloud Security, Container Security, and Web Application Security.

Shantanu Kale is a Cloud Developer at INE with strong roots in web and network penetration testing, vulnerability scanning, and Open Source Intelligence Techniques. Have worked on techniques involving Active Directory attacks and defense. Have led teams for various national level hackathons, including the Smart India Hackathon, conducted by GoI. His areas of interest include Advanced Pentesting, Malware Analysis, Cryptography, Web Application Security and AD Security.