It is easy to get lost when auditing the code of a large, complex, application.
Sometimes, the vulnerability is there but you just don’t know how to reach it, and other times it seems you just can’t find anything.
This unique course will help you find your way around those complex applications, teaching you advanced exploitation techniques and giving you the tools necessary to navigate tens of thousands lines of code with ease.
The course will introduce the common techniques used when auditing massive pieces of code, teach you how to detect complex vulnerabilities, and give you the tools to exploit them.
The objective of the course is to let you feel comfortable with auditing massive projects, knowing how to detect and exploit vulnerabilities in it, so you could ultimately find your very own 0-day.
The course targets members of the security industry wishing to improve their white-box code auditing skills.
In order to gain the most out of the course, students should be familiar with:
• Web-Security exploitation techniques (SQLI, LFI/RFI, XSS)
• Experience in web development languages (PHP, Java, JS)