Web Application Security Testing – Mindset to Skillset Journey (Brain-on & Hands-on)


This Security Testing of Web Applications workshop is not yet another run-on-the-mill kind of workshop. The facilitator “Santhosh Tuppad” comes from a “Black Hat Hacker” Mindset, but is a “White-Hat Hacker”. Santhosh is going to start from the minimum basics so that you get the basics and little things right before he takes you through the roller-coaster ride of “Web Application Security Testing” Workshop.

Please note that, this will be mix of theory accompanied with a lot of exercises to work individually and also as a team. You will be equipped with hands-on exercises and also explanation of how an attack works for Authentication, Session Management, Database Hacking, Access Controls (PBAC & RBAC), Tell Tale Signs, Firewalls, IDS, IPS and more (Includes OWASP Top 10 Attacks Demonstration and also hands-on exercises along with deeper explanation). Not only explanation, but hands-on exercises on all minor to major attacks the web application can be vulnerable to. Santhosh has his own crafted exercises for hands-on learning along with some open-source vulnerable apps to help you think broader. It doesn’t just stop here, Santhosh will also help you understand how to fix them or what can be stronger counter-measures once you find the vulnerabilities. Santhosh says, “I am sure that the participants will have exciting times with various emotions in this full-day tutorial”.

One of the core reason of conducting this workshop is to help the world get more Security Testers who can fight against Malicious Hackers around the globe. Santhosh has a great respect for Black-Hat Hackers in terms of the ways they are skilled and his goal is to help “Software Companies” to help their “Users” feel secure by helping more testers to do “Web Application Security Testing”.

How to decide if “Security Testing” is for you or not? Look into the below statements to see if they help you decide,
#. You are enthusiastic about learning security testing?
#. You always wanted to improve your profile by learning to test for security?
#. You love to tinker with web and mobile apps?
#. You want to “Wow” your team members by finding security bugs that matter?
#. You want to grow in your career?
#. You haven’t done a bit of security testing in your career, but you want someone who can guide you and train you better? Or you have probably done few attacks as a script kiddie or using some tools

If your answers are “Yes”, then this is for you.

Testimonial from one of the participants during RTC 2018 Workshop —
“Before I got a chance to meet Santhosh I have read his great blog regarding software testing and it was very useful for me. But this year I have got a chance to visit Romanian Testing Conference and to be a part of the awesome workshop: “Web & Android: Application Security Testing For Newbies – Basics to Advanced” led by Santhosh. For my opinion that was one of the best opportunity for me to learn much more than how to use the tools. It is about way of thinking, a way of looking from the different perspective and how to think out of the box. I have come with some questions on which I have got answers at the workshop, but as a real motivator and person who knows how to share knowledge to others after that day when the workshop was done, it was much more that I have expected. My expectations were to get answers to some questions and to learn something new. But the real thing is beside answered questions and learned some really useful and interesting stuff I have leave the class with everything above already mentioned in my expectations but I must add that I was also much motivated than ever + I went home with a new set of questions in my head that will keep me moving forward and keep me on the track to improving skills, something that keeps you thinking even when workshop is finished. Thank you, Santhosh for the great workshop, knowledge sharing and at the first thank you for the lesson how to stay ethical by using knowledge and skills to help others.”


Laptops (Windows/Mac/Linux)
The tools will be installed during the workshop


09:00 – 10:30  Part 1
10:30 – 11:00  Coffee Break
11:00 – 12:30  Part 2
12:30 – 13:30  Lunch
13:30 – 15:30  Part 3
15:30 – 16:00  Coffee Break
16:00 – 17:30  Part 4

Rate this tutorial

Sli.do – 8031

Full Day Tutorial Security