Course: Full Stack Web Attack
Trainer: Steven Seeley
Training Duration: 3-days
Audience Level: AdvancedRegister Now
Full Stack Web Attack is not an entry-level course.
It’s designed to push you beyond what you thought was possible and set you on the path to develop your own workflow for offensive zero-day web research. This course is developed for web penetration testers, bug hunters and developers that want to make a switch to server-side web security research or see how serious adversaries will attack their web based code.
Each of the vulnerabilities presented have either been mirrored from real zero-day or are n-day bugs that have been discovered by the author with a focus on not just exploitation, but also on the discovery. So if you want to learn how to exploit web technologies without client interaction for maximum impact, that is, remote code execution then this is the course for you. Leave your OWASP Top Ten and CSP bypasses at the door.
* This syllabus is subject to change at the discretion of the instructor.
My name is Steven Seeley, but I am also known as mr_me.
I’m an information security specialist and I’m originally from Australia. After having worked in the United States for a few years, I now reside in Mexico. I have years of local and international experience in corporate and government penetration tests, source code audits and security research.
This year Chris and I competed in Pwn2Own ICS Miami and we won first place, taking the title as Master of Pwn.
Previously I developed the AWAE course for Offensive Security and taught the class multiple times at Black Hat. Additionally I have been a platinum researcher with the Zero Day Initiative (ZDI) for the last 5 years running and have had over 1000 high impact vulnerabilities published through the ZDI in several major vendors.