Bug Hunter's Methodology

28th February 09:00 AM - 6:00 PM IST

Course Abstract

Bugcrowd is happy to offer a full-day workshop for bug hunters covering both introductory and advanced topics in web bug hunting. Each BCU module will cover a vulnerability, describing its nature, how to identify it, how to exploit it, and the relevant tools associated with it, and will include labs for students to test their skills. These Bugcrowd University modules are designed to enable the crowd to spot and exploit Priority One level bugs, even in seemingly complex web applications.

  • (Intro) What makes a good submission

  • (Intro) Burp Suite Workshop

  • (Intermediate) Asset Discovery and Recon: IP enumeration (ASNs and Cloud)

    • Brand Enumeration (Acquisitions, RevWHOIS, Reverse tracker Analysis)

    • Subdomain Enumeration (Scraping and Bruteforcing)

    • Effective Port Scanning

    • Version based vulnerability analysis

    • Directory Bruteforcing / Content Discovery best practices

    • Prioritizing target testing areas by technology and features (Advanced)

  • (Advanced) XML External Entity Injection

    • An introduction to XXE

    • XXE Identification

    • XXE Tooling / payloads

      • XXE LABS

  • (Advanced) Authorization & Access Control Testing (MFLAC, IDOR)

    • The ever-giving IDOR and MFLAC

    • Examples

      • LABS

  • (Advanced) Server Side Request Forgery: An introduction to SSRF

    • SSRF Identification

    • SSRF Tooling

      • SSRF LABS

  • (Advanced) Security Misconfiguration (Git, AWS, Subdomain, ++)

    • Introduction to AWS S3 permissions

      • Labs

    • Git pillaging

      • Labs

    • GitHub robbing

      • Live exercise

    • CI/Code repositories exploitation (no lab)

    • Subdomain takeover

      • Labs

Upon completion of this training, attendees will know: By the end of this course, students should have solid fundamentals in web testing for the vulnerabilities most likely to show up in the wild TODAY. The course aims to arm the student not only with techniques, tools, and labs, but also with a contextual, data-driven methodology for where and how to look for each vulnerability.

Attendees should bring: a laptop, Burp Suite (Pro preferably), and a VM or equivalent access to a *nix command line.

Prerequisites for attendees: General web application security testing knowledge is required. Some topics will assume familiarity with OWASP Top Ten type vulnerabilities.

These trainings are 100% FREE to all OWASP Seasides attendees, on a first come, first served basis only!

About the trainer: Jason Haddix is the VP of Researcher Growth at Bugcrowd. Jason trains and works with internal analysts to triage and validate hardcore vulnerabilities in mobile, web, and IoT applications/devices. He also works with Bugcrowd to improve the security industry's relations with researchers. Jason's interests and areas of expertise include mobile penetration testing, black box web application auditing, network/infrastructure security assessments, wireless network assessment, binary reverse engineering, and static analysis.

Registration is closed. However, all events and workshops are on a first come, first served basis. Please reach the venue early to grab your spot.