Pentest "Kungfu" - Advanced Cyber Security Exploit Workshop - HKPC Academy
Pentest "Kungfu" - Advanced Cyber Security Exploit Workshop
HKPC Building 78 Tat Chee Avenue Kowloon
Ms June LEE, Tel: +852 2788 5704

We often hear about “Pentest”, what does it mean? What is the use of it? How do we carry out penetration test to evaluate different servers and systems?

In this advanced workshop, we will share our “Kung Fu” (practical skills) with you such that you can apply techniques learnt to uncover system vulnerabilities before an attacker can leverage them.

Date and Time

23-24 August, 2023 09:30 – 17:00


1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong


Cantonese with English terminology

Course Content

Penetration Test Process

    • Penetration test framework, process, methodology and ethics
    • OWASP top 10 vulnerabilities reload
    • Common vulnerabilities and misconfiguration of web application and network
    • Web application and network penetration test as well as Scripting Kungfu
    • Get to know a vulnerability
    • Further Attack: Metasploit – An exploit framework and post-exploitation with Meterpreter scripting
    • More on scripting stuff in Python, NMap Script Engine and Meterpreter Scripting


Early Bird Price (deadline on 18 July 2023):

    • Staff of Organiser or Member of Supporting Organisation: HK$6,400
    • Non-member: HK$6,500

Regular Price:

    • Staff of Organiser or Member of Supporting Organisation: HK$6,500
    • Non-member: HK$6,600


Dr Anthony LAI

Founder & Security Researcher, VX Research Limited

Anthony LAI who has hybrid experience in application development, code security, penetration test, threat analysis and audit areas for 14 years. He has done vulnerability assessment, penetration, IT audit and training for government and various corporates. He is now a lead consultant and threat advisor of several MNCs. He acts as a researcher in Knownsec for Web security.

Anthony has spoken in Blackhat USA 2010, DEFCON 18-20, AVTokyo 2011-2012, 2013.5, HITCON 2010-2011 as well as Codegate 2011. He has set up a security research group called VXRL ( in Hong Kong, which connects various whitehats and security researchers.

He is a SANS GWAPT, GREM and GCFA holder.


    • Basic Linux and Win32 commands
    • Basic knowledge in TCP/IP and networking concepts
    • Programming and scripting experience but not mandatory

Target Audience

    • Anyone with an interest in penetration testing
    • IT auditors, system administrator, software developers

Certificate of Training

Participants who have attained 75% or more attendance will be awarded Attendance Certificate.

Download Full Course Detail ▼