June 17th / 18th 2009

NopSec, Inc. SOC

155 Water St., Brooklyn, NY 11201 USA

For Information and Registration visit:

http://tinyurl.com/w3afnyctraining

Introduction

Internet security threats are migrating from pure network-level attacks to web server and web application attacks. The web application itself has become the new security perimeter, and is wide open to the new generation of attacks. That’s the reason why is very important for IT security staff to have cutting- edge knowledge of web application security vulnerability testing techniques and tools.

Overview

w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that are both easy to use and extend. The project started back in 2006 with only one developer but it is now developed and supported by a team of Web Application Hackers and Open Source experts around the world. The w3af ninja training course is focused on manual and automated discovery and exploitation of web application vulnerabilities using w3af. During this course you’ll also learn how to write your own exploits and customized plugins in order to achieve your goals during a web application penetration test.

This course is an intense hands-on class in which you won’t stop learning for a minute. In each practice we’ll focus on a particular type of web application vulnerability which will be analyzed and understood manually and then it’s detection and exploitation is automated using w3af.

All around the training interesting plugin code snippets will be subject to analysis and modification, which will give you great understanding of the framework and will also give you the means to automate your future web application penetration tests.