Hacking by Numbers Reloaded - Web Applications Bootcamp

SensePost | August 2-3

On This Page


With the Web celebrating its 25th birthday on the 12th March, web applications have ruled the Internet ever since. There’s a web app for most parts of our Internet lives and to a degree, our daily lives. With this large surface area, there’s no doubt that they are often the entry point for most breaches. If you look at some of the biggest hacks in the last 18 months, they all come from a flaw in a web application.

This course sets the scene for you start at the beginning with the basics and go all the all the way to learn how to exploit the more advanced techniques. The course focuses on the fundamentals rather than specific tools and introduces you to our hacking methodology refined over thousands of assessment conducted over the last 14 years.

This two day course has enough theory to ensure you understand what you are trying to achieve, but with a heavy focus on practical exercises. Students should expect lots of hands on hacking with some of the finest hackers in the industry!

For more information on additional SensePost courses on offer at Black Hat, please visit: http://www.sensepost.com/blackhat

Course Topics

Who Should Take This Course

This course is ideally suited to those wishing to learn how to test web applications for vulnerabilities, to those experienced infrastructure pentesters that want to expand their skill set into web applications. This course is about tearing apart applications and understanding how attackers are breaching corporate deployments.

Student Requirements

Students need to ensure they have the necessary level of skill. No hacking experience is required for this course, but a solid technical grounding is an absolute must. This includes basic Linux operating system knowledge, a basic understanding of web applications and networking fundamentals.

What Students Should Bring

Enthusiasm. This course is about learning how to spot web application vulnerabilities and exploit them to your advantage. It’s a hands-on course and not just you sitting down and watching us present.

What Students Will Be Provided With

SensePost will provide fully configured laptop computers as well as USB key drives with all the tools and materials used in the course.


All of SensePost’s Hacking By Numbers trainers are working as penetration testers. HBN course modules are often inspired by actual penetration tests we have performed in the past. We love teaching and have been doing so for Blackhat for over a decade now. Our courses are hands on, fun to do and also show real world scenarios that students will encounter.