Add to my Schedule
Type : Paid Buy Ticket
1601 Broadway, New York, NY 10019 B5 May 09, 2018 TRAINING
Identify - "Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities." 10:00 AM - 04:00 PM


This workshop will introduce the student to the techniques needed to remotely detect and

validate the most common high impact vulnerabilities in web-based applications, and

reinforce that knowledge through hands-on labs. Students will gain hands-on experience

with Burp Suite Pro, the industries’ most popular toolkit for manual testing. The 

workshop will cover a single day and include live demos by the instructor as well as lab

exercises to be performed by the students.

The foundation learned in this class will enable the student to continue onto the more

advanced topics in day two, or to use self-directed resources such as the OWASP Testing

Guide ( or Web Application

Hacker’s Handbook to continue on the learning path.

Course Topics:

● Introduction to and hands-on use of Burp Suite Professional

● Gain first hand experience with web vulnerabilities by discovering and exploiting

them in web apps, using both manual and automated techniques

● Students will leave with an understanding of how to find and exploit the most

common and dangerous flaws in web applications

● Begin working though the OWASP Testing Guide as a methodology for how to

test app security

Who should attend:

Developers, QA personnel, entry-level penetration testers and security personnel, managers, and anyone interested in learning more about application security from an offensive perspective.

What students should bring:

Students are expected to bring a laptop computer so that they can run the virtual

machine image supplied by the instructor. Student system requirements are simple:


Any operating system that can run the latest stable

version of VirtualBox (free from Currently

supported operating systems include Windows, Mac, and Linux.

● 5 GB of free HD storage

● 2 GB of RAM (4+GB will give better experience)

● USB port or DVD drive

● Wi-Fi networking capability

*** Before the first day of class students must install the latest stable version of

VirtualBox. Also install the latest version of “Oracle VM VirtualBox Extension Pack”.

Both are free and found here:

What students will be provided with:

Each student will be given a virtual machine containing tools, documentation, and web

application targets for a fully self-containing web app security testing environment.

Training will take place in the open-source “Web Application Security Dojo”

( centered around the commercial tool Burp Suite

Professional. A multi-week trial license for Burp Suite Pro will be provided to students,

which can be used outside of class.

Maven Security Consulting Inc.
No moderator for this session!


Discussion not started yet.


 Code of Conduct  Press Releases
 Get Involved   Report ISSUE / BUG

The Critical Infrastructure Association of America, Inc. is a 501(c)6 Not for Profit. The mission of Critical Infrastructure Association of America is to create a membership-based, trade association of like-minded cybersecurity and closely related industry professionals that work in the field of cybersecurity. The goal is to share best practices, establish and maintain high operational standards and to educate and interact with those in the cybersecurity community within public, private and governmental sectors.