Why should you attend?
- Learn to spot small points of interest within applications that support compromising a system
- Learn how to think like a hacker
- Understand the difference between a black hat hacker and an ethical hacker
This is a very interactive workshop with lots of exercises, demonstrations and quizzes to support effective learning.
Who should attend?
This training is suitable for:
- Developers
- General IT staff
- Security management staff
- Non-technical staff with technical affinity
Required Skills & Expertise
This workshop is suitable for any skill level; some basic understanding of how typical websites are built up is useful. The workshop will be adjusted to the audience. Bring your own laptop to the workshop, the only ‘tool’ that we will use is a web browser. No specialized programs are needed.
Program
The duration of this training course is half a day.
12:30 Introduction to the trainer
- Introduction of the trainer (an ethical hacker)
- Walkthrough of the agenda
12:45 Think like an attacker. How do you do that?
- The training will take the participants along for a trip into his way of looking at systems.
- What are hackers looking for?
- What does it mean to take a different approach?
13:00 Common vulnerabilities and how these can be exploited
- The trainer will show several common vulnerabilities that can be found in (web-)applications.
- Multiple attacks and variations will be shown and discussed.
13:30 Demonstration: "From pop-up to system compromise."
- The trainer will demonstrate how a seemingly small issue can have a large impact.
- The goal is to create awareness and to demonstrate how 'realistic' such an attack is.
13:45 Variations on attacks and combining pieces
Most applications these days have a proper security baseline. Most frameworks help the developers to build safe applications. The training will demonstrate how you still can use small vulnerabilities to generate significant risks that jeopardise the entire application.
14:00 Coffee break
14:15 Hands on: Hack and attach the training lab
- The participant will experience firsthand what it's like to hack. Both the frustration and the excitement will be dealt with as these are essential elements in what drives hackers.
- Under supervision, the participants will hack a purpose built (vulnerable) environment especially developed for the Hacker Mindset Workshop.
16:15 Explanation and detailed walkthrough of full system compromise
- In a detailed walkthrough, the trainer shows how to go through the environment with a hacker's mindset.
- The purpose is to convey the Hacker Mindset and the way of thinking.
16:30 Wrap up with questions and answers