Prerequisites: For Attendees:
1) Laptop with at least 4-6GB RAM
2) VirtualBox or VMWare (Only if running Linux in VM)
3) Platform: Debian Linux (Ubuntu or Kali preferred)
4) Virtual Machine
5) Kali Linux Virtual Machine


->Reconnaissance is the first phase of a penetration test, in which the pentester finds as much information as possible about the target website. The backend and frontend technologies used by the website can lead to constructing dedicated attack vectors in which the penetration tester exploits specific vulnerabilities of the identified software type and version. Reconnaissance is the key factor for successful bug bounty and penetration testing. There are several tools available for recon but it becomes so important about working of those tools. This workshop covers fundamentals and working on the required tools. This methodology helps create an automated process that will actively look for vulnerabilities using OSINT and other well-known recon tools.



->Workshop Date: FEBRUARY 28, 2020

->Workshop Duration: 6-8 Hours


About Trainer

ravi

Mr RAVI RAJPUT

is a Senior Security Engineer at Incognito wireless Pvt Ltd. He had previously worked with Indian police at SCRB, Gandhinagar, Gujarat and trained 6 Indian state police and 3 Union territories. He is a regular trainer and speaker at various meetups and conferences like BountyBash (Nepal), Bsides Ahmedabad (India). He is the chapter leader of Null Ahmedabad, an open security community in Gujarat. He has previously conducted various full-day hands-on workshops mainly focusing on binary exploitation.





About Course

In this course, following topics will be covered:


  • TOPICS

    1) Extensive hands-on subdomain enumeration

    2) Practice on crt.sh, shodan.io, google dorks, certspotter.com, censys.io.

    3) Hands-on JSParser, LazyRecon, Bash Aliases, Web screenshot, httprobe, aquatone.

    4) Automating Web Recon.

    5) Hands-on common vulnerabilities like SSRF, XXE using burp collaborator.