We often hear about “Pentest”, what does it mean? What is the use of it? How do we carry out penetration test to evaluate different servers and systems?
In this advanced workshop, we will share our “Kung Fu” (practical skills) with you such that you can apply techniques learnt to uncover system vulnerabilities before an attacker can leverage them.
Date and Time
14 – 15 March, 2023 09:30 – 17:00
1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong
Cantonese with English terminology
Penetration Test Process
- Penetration test framework, process, methodology and ethics
- OWASP top 10 vulnerabilities reload
- Common vulnerabilities and misconfiguration of web application and network
- Web application and network penetration test as well as Scripting Kungfu
- Get to know a vulnerability
- Further Attack: Metasploit – An exploit framework and post-exploitation with Meterpreter scripting
- More on scripting stuff in Python, NMap Script Engine and Meterpreter Scripting
Early Bird Price (deadline on 14 Feb 2023):
- Staff of Organiser or Member of Supporting Organisation: HK$6,400
- Non-member: HK$6,500
- Staff of Organiser or Member of Supporting Organisation: HK$6,500
- Non-member: HK$6,600
Dr Anthony LAI
Founder & Security Researcher, VX Research Limited
Anthony LAI who has hybrid experience in application development, code security, penetration test, threat analysis and audit areas for 14 years. He has done vulnerability assessment, penetration, IT audit and training for government and various corporates. He is now a lead consultant and threat advisor of several MNCs. He acts as a researcher in Knownsec for Web security.
Anthony has spoken in Blackhat USA 2010, DEFCON 18-20, AVTokyo 2011-2012, 2013.5, HITCON 2010-2011 as well as Codegate 2011. He has set up a security research group called VXRL (www.vxrl.org) in Hong Kong, which connects various whitehats and security researchers.
He is a SANS GWAPT, GREM and GCFA holder.
- Basic Linux and Win32 commands
- Basic knowledge in TCP/IP and networking concepts
- Programming and scripting experience but not mandatory
- Anyone with an interest in penetration testing
- IT auditors, system administrator, software developers
Certificate of Training
Participants who have attained 75% or more attendance will be awarded Attendance Certificate.