Loading…

The Open Web Application Security Project (OWASP) Los Angeles Chapter is teaming up with the Orange County, San Diego, SF Bay Area, and the Inland Empire chapters to bring you the FIFTH Annual AppSec California. The event is a one of a kind experience for information security professionals, developers, and QA and testing professionals, as they gather at the beach from around the world to learn and share knowledge and experiences about secure systems and secure development methodologies.

One and Two-day training sessions on various subjects by expert trainers kick off the conference on January 28th. World renown speakers follow on days three and four.

There will be four concurrent tracks throughout the day on both January 30 and 31, addressing a variety of topics to enhance knowledge.

Monday, January 29 • 8:30am - 4:30pm
Extended Web Application Hacking [Day 2 of 2]

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Please note: Training Sessions are not included in the Conference price.  Sign up now! Check for availability and pricing on Eventbrite.


Course Abstract:
In this training class, you'll attack a custom BitCoin Exchange with the common and even advanced vulnerabilities.  This isn't your average web app course!  We built the labs around what we are seeing as penetration testers and bug bounty hunters.
Who's This Class For: 
- Those that might have had a little experience or those that want to get into Web Penetration Testing. 
- Those that have played with Web Proxies manipulating traffic and want more 
- Those that want to get into Bug Bounties and make $$$ 
Real World Web Application Penetration Testing Course: 
- Two Day Course on Real World Web Penetration Test and Bug Hunting 
- Recon/Spidering 
- Attacking XSS, Polygots, and Blind XSS 
- Cross-Site Request Forgery 
- Integer Underflows 
- Insecure Direct Object Reference 
- Local File Inclusions and Server Side Request Forgery 
- Manual SQL Injections 
- Remote Code Execute with Images 
- Advanced Attacks: XML eXternal Entities (XXE) 
- Advanced Attacks: Deserialization Attacks 
- Advanced Attacks: NodeJS vulnerabilities
- Cloud Issues 

Speakers
avatar for Peter Kim

Peter Kim

Director of Vulnerability Research, Blizzard Entertainment
Peter Kim has been in the information security industry for the last 13 years and has been running red teams/penetration testing for the past 9 years. He has worked for multiple utility companies, Fortune 1000 entertainment companies, government agencies, and financial organizations.He... Read More →


Monday January 29, 2018 8:30am - 4:30pm
Club Room