4. Hack7: Web Application Hacking

Hack7: Web Application Hacking

Vulnerabilities in web applications are a popular target for hackers, as these often enable them to steal confidential data and penetrate further into the company network. During this two-day workshop, the participants will learn how hackers break into web applications and what risks applications may be exposed to. The training course presents the most common attacks in theory and practice. The objective is to enable the participants to personally carry out attacks on a web application, which was specially created for this purpose, at the end of the second training day.

Topics

Cross-site scripting (XSS)

  • Taking over user sessions
  • Privilege escalation
  • Pasword theft

Cross-site request forgery (XSRF)

SQL injection

OS command injection

Local/remote file inclusion (LFI/RFI)

  • Server attacks with your own program code

Session management

  • Getting to know the session management
  • Taking over of external sessions
  • Understanding of cookies and exploitation of flaws
  • Password-guessing attacks

Cookies

  • What should be observed during generation and use of (session) cookies?

Browser security

  • Same-Origin Policy
  • Cross-Origin Resource Sharing

CAPTCHA

  • Automated attacks and identification of weaknesses in protection measures

Exercises

  • Deepening the learning content by practical exercises of all topics
  • Independent analysis of a complete web application
  • Deserialization attacks

Technical requirements

Basic knowledge of HTML, HTTP and SQL

Duration

Two days

Dates

04.-05.02.2025 / 14.-15.10.2025 (online)

12.-13.05.2025 / 22.-23.07.2025 (Tübingen)

03.-04.02.2026 / 14.-15.10.2026 (online)

05.-06.05.2026 / 22.-23.07.2026 (Tübingen)

Price

€ 1596,00

Training 2026

For download in German only

Dates & Registration 2026

For download in German only

Training 2025

For download in German only

Dates & Registration 2025

For download in German only

DO NOT HESITATE TO GET IN TOUCH +49 7071 407856-0 or anfrage@syss.de | OUTSIDE REGULAR OFFICE Hours CALL +49 7071 407856-99

As a framework contract customer please dial the provided on-call service number

DO NOT HESITATE TO GET IN TOUCH +49 7071 407856-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours CALL +49 7071 407856-99

As a framework contract customer please dial the provided on-call service number

GET IN TOUCH

+49 7071 407856-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours

+49 7071 407856-99

As a framework contract customer please dial the provided on-call service number