Hacker Mindset Workshop
> Services for your people > Hacker Mindset Workshop
Hacker Mindset Workshop
If your organization uses applications, platforms or infrastructures, attackers will try to find ways to exploit them. Understanding how attackers think, what they look for, and what systems can be made to do, is an important step towards protecting your assets. In particular developers and IT staff should be aware of how hackers think.
During the Hacker Mindset workshop, a guided, hands-on, technical session will be held where participants will be attacking a vulnerable application. Part frustration, part exhilaration, as these are both key elements in what drives hackers and will help you understand why hackers do what they do. We start with a vulnerable web application, and end with total control over the web server by compounding small design mistakes, vulnerabilities, and misconfigurations.
Why should you attend?
- Learn to spot small points of interest within applications that support compromising a system
- Learn how to think like a hacker
- Understand the difference between a black hat hacker and an ethical hacker
This is a very interactive workshop with lots of exercises, demonstrations and quizzes to support effective learning.
Who should attend?
This training is suitable for:
- General IT staff
- Security management staff
- Non-technical staff with technical affinity
Required Skills & Expertise
This workshop is suitable for any skill level; some basic understanding of how typical websites are built up is useful. The workshop will be adjusted to the audience. Bring your own laptop to the workshop, the only ‘tool’ that we will use is a web browser. No specialized programs are needed.
The duration of this training course is half a day.
12:30 Introduction to the trainer
- Introduction of the trainer (an ethical hacker)
- Walkthrough of the agenda
12:45 Think like an attacker. How do you do that?
- The training will take the participants along for a trip into his way of looking at systems.
- What are hackers looking for?
- What does it mean to take a different approach?
13:00 Common vulnerabilities and how these can be exploited
- The trainer will show several common vulnerabilities that can be found in (web-)applications.
- Multiple attacks and variations will be shown and discussed.
13:30 Demonstration: "From pop-up to system compromise."
- The trainer will demonstrate how a seemingly small issue can have a large impact.
- The goal is to create awareness and to demonstrate how 'realistic' such an attack is.
13:45 Variations on attacks and combining pieces
Most applications these days have a proper security baseline. Most frameworks help the developers to build safe applications. The training will demonstrate how you still can use small vulnerabilities to generate significant risks that jeopardise the entire application.
14:00 Coffee break
14:15 Hands on: Hack and attach the training lab
- The participant will experience firsthand what it's like to hack. Both the frustration and the excitement will be dealt with as these are essential elements in what drives hackers.
- Under supervision, the participants will hack a purpose built (vulnerable) environment especially developed for the Hacker Mindset Workshop.
16:15 Explanation and detailed walkthrough of full system compromise
- In a detailed walkthrough, the trainer shows how to go through the environment with a hacker's mindset.
- The purpose is to convey the Hacker Mindset and the way of thinking.
16:30 Wrap up with questions and answers
Request a Tailored Workshop
If you are interested in hosting this interactive and tailored workshop at your company, please let us know via the contact form, by telephone +31 (0)88 888 31 00or email firstname.lastname@example.org.
Secura is a leading cybersecurity expert. Our customers range from government and healthcare to finance and industry worldwide. Secura offers technical services, such as vulnerability assessments, penetration testing and red teaming. We also provide certification for IoT and industrial environments, as well as audits, forensic services and awareness training. Our goal is to raise your cyber resilience.
Secura is a Bureau Veritas company. Bureau Veritas (BV) is a publicly listed company specialized in testing, inspection and certification. BV was founded in 1828, has over 80.000 employees and is active in 140 countries. Secura is the cornerstone of the cybersecurity strategy of Bureau Veritas.