This document outlines the training program for Web App Pentesting 101 Training that will be split into two sessions. This training was conceived as an introduction to Web App Pentesting, how it is conducted and what are the challenges of a Security Consultant. This training is open to both Rhacklette members and not, but restricted to people who identify as FINTA (Female, Intersex, Non-binary, Transgender and Agender).

This training was also conceived as an introduction to our CTF Training. You can get some general understanding and some experience before joining the CTF training.

Training

Web App Pentesting 101 – Part 1

The goal of this talk is to give you a broad overview of web application penetration testing as well as security consulting in general. The talk will contain a short overview of how Web Applications work, an approach to testing them and a general overview of what is part of the Security Consultant job.

Web App Pentesting 101 – Part 2

In the second talk we will focus more on the technical nitty gritty details of Web Application Penetration Testing. This will contain a lot of Demos and audience interactions and will not only show vulnerabilities but also how to prevent them.

Why should I do that?

The training program offers a number of benefits, including:

• Learn about Pentesting
• Learn the most common web vulnerabilities, how to find them and how to fix them
• Learn about the Security Consultant job
• Increased knowledge of security topics
• Opportunity to network with other hackers
• Challenge yourself
• Have fun!!

When and where?

6th July 2023, 18:30-19:30 - Part 1

10th July 2023, 18:30-19:30 - Part 2

Location: Zollstrasse 62, 8005 Zurich

Why should I choose your training?

Our training is a safe and welcoming space for FINTA individuals to learn about Web Security. We are committed to creating a non-judgemental environment where everyone can feel comfortable asking questions and sharing their ideas. Our instructors are experienced and knowledgeable, and they are passionate about helping FINTA individuals succeed in cybersecurity. We offer a variety of resources, including demos and open discussions to help you learn at your own pace.

Conclusion

This training is a great way to learn what a Pentester does in the role of Security Consultant and to learn about the most common vulnerabilities, how to find them in a web application and how to fix them.

Do you want to join us? Contact us at rhacklette@defcon-switzerland.org and we’ll tell you the next steps to be added to the participants list!