09h00 - 10h45

• Hands-on lab on how to work with tools like WebScarab, Wikto, Crowbar, Suru... These tools allow to bypass security controls and give the possibility to easily discover and exploit vulnerabilities in web applications.

10h45 - 11h00

• Break: Coffee and refreshments.

11h00 - 12h30

• Hands-on lab on how to work with tools like WebScarab, Wikto, Crowbar, Suru... These tools allow to bypass security controls and give the possibility to easily discover and exploit vulnerabilities in web applications.

12h30 - 13h30

• Lunch

13h30 - 15h00

• WebGoat hands on. This is the most fun and spectacular part of the bootcamp. WebGoat is a Java web application that contains lessons with specific vulnerabilities like SAX Injection, web services SQL Injection, Cross-site-scripting, .... These lessons allow exploiting the vulnerabilities with the tools discussed in the morning.
• In other words we provide a fictive website with all kind of vulnerabilities. Attendees must individually try to exploit these vulnerabilities. This often leads to a real competition between attendees to be the best hacker. Our experts give practical hints and advise where needed.

15h00 - 15h15

• Break: Coffee and refreshments.

15h15 - 17h00

• WebGoat hands on. This is the most fun and spectacular part of the bootcamp. WebGoat is a Java web application that contains lessons with specific vulnerabilities like SAX Injection, web services SQL Injection, Cross-site-scripting, .... These lessons allow exploiting the vulnerabilities with the tools discussed in the morning.
• In other words we provide a fictive website with all kind of vulnerabilities. Attendees must individually try to exploit these vulnerabilities. This often leads to a real competition between attendees to be the best hacker. Our experts give practical hints and advise where needed.