CanSecWest DOJOs
2024
From March 16 to 19 and March 23 onwards.
Post-Conference DOJOs
Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation
Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique hands-on training!
I will discuss security bugs found in a number of bug bounty programs (including Google, Yahoo, Mozilla, Twitter and others). You will learn how bug hunters think and how to hunt for security bugs effectively.
To be successful in bug hunting, you need to go beyond automated scanners. If you are not afraid of going into detail and diving into full-stack exploitation, then this training is for you.
Watch 3 exclusive videos to feel the taste of this training:
Exploiting Race Conditions: https://www.youtube.com/watch?v=lLd9Y1r2dhM
Token Hijacking via PDF File: https://www.youtube.com/watch?v=AWplef1CyQs
Bypassing Content Security Policy: https://www.youtube.com/watch?v=tTK4SZXB734