This advanced class offers the most practical approach on web application hacking available today. By learning the newest and most interesting web hacks you will be able to find vulnerabilities in any web application, whether that’s for the purpose of finding bug bounties or conducting a professional penetration test. We teach you how to handcraft injection attacks, bypass WAF devices, defeat cryptographic flaws and much more. The best available tools are highlighted and we study a wealth of techniques which allow you to efficiently find vulnerabilities in any web application. There will be exercises throughout the class, and you get an additional 90 days access to our lab network which contains challenges to practice the material learned in the course.

  • Advanced XSS, CSRF, SQL injection
  • OAuth/SAML
  • Template injection
  • RCE via deserialization
  • Crypto flaws
  • Web application fuzzing
  • Burp advanced usage

BlackHat USA 2020

We will teach this course this year on BlackHat USA 2020. For more information and registration, please see the course page over at BlackHat: