Company courses on offer

Start2Hack
- Hack along in this starter course designed to help your employees develop a security mindset. In this course we start with some theory and talk about
  - What goes into ethical hacking
  - CSRF: Hack along with this issue type to get a feel for what it is
  - XSS: Find out why it's more than what most people think
  - API hacking with postman: APIs are rising fast so let's hack some and see what all the fuss is about.
- Requirements
  - A laptop with postman installed (only needed for last part so can be left out, we will be adding more issue types in that case - XXE and LFI)
- Duration: 4h

Vulnerability type reminder
- In this brown bag session, we will bring up a quick refresher on several issue types for experienced developers/testers who might know defensive coding but could use a refresher on the attacking side of things.
  - CSRF
  - BAC
  - IDORs
  - Business Logic flaws
  - LFI/RFI
  - Captcha bypass
  - XXE
  - XSS
  - =========
  - Might add if time allows it: CSP bypassess, SSRF and OS command injection
- Requirements:
  - None
- Duration:
  - 1 hour with the option of going to 1 hour and 30 minutes with the addition of the OWASP api top 10

Vulnerabilities for developers, architects and analysts
- In this session we will be demonstrating why it is so hard to filter effectively in a life-like scenario. We will build, hack and try to secure our own code on the following issue types:
  - Open redirects
  - Reflected XSS
  - Captcha bypasses
  - LFI
- Requirements
  - A laptop with an IDE (BBEdit,notepad++,intelliJ,...) that supports PHP
- Duration:
  - 4 Hours

Simulated pentest
- The candidates will go through the process of an actual pentest with the instructor, including the signing of all documentation, hacking and debriefing. We want to give the students an application that they can not get tested fully within the timeframe to teach them they should expect to prioritise and sometimes work within very tight timeframes.
- Duration:
  - 4 hours

A full introduction to ethical hacking
- In this 2-day boot camp, we will be creating full on pentesters from your technical testers. We will teach them everything they need to know:
  - Being ethical
  - Creating test plans
  - Network hacking
  - Web application hacking
    - Main application and broad scope
  - API hacking
  - Mobile hacking
  - Different tools
  - Reporting
  - Debriefing
- Additionally we can cut this into a one-day bootcamp while leaving out API hacking and mobile hacking and different tools.
- Duration:
  - 8 or 16 hours

We can adept any training to the needs of your company and are happy to offer fully custom workshops or trainings as well. All trainings can be given in English or dutch. All trainings and workshops can be given on-site or via zoom call/google hangouts.