eLearnSecurity Blog

Tag: xss

Effectiveness of Automated Web Security Scanners: Netsparker

Mark your calendars: this February 28th 2017, the Netsparker and eLearnSecurity teams will unite to host the technical webinar, Effectiveness of Automated Web Security Scanners. The event – kicking off at 1 PM ET – will be hosted by none other than Netsparker’s Product Architect, CEO, and founder, Ferruh Mavituna.

Tags: , , , , , , , , , ,

Read more

10 New Labs Activated in the Penetration Testing Professional v3 Training Course

PTPv3 training course new labs

Good news for all Students of our Penetration Testing Professional version 3 – PTPv3 training course. Our team of IT Security researchers just activated 10 additional virtual labs! You can now practice even more challenging scenarios covering network security and web application security.

Tags: , , , , , , , , ,

Read more

Network Attack Demo from XSS to Domain Admin

from xxs to domain admin attack demo

Active Directory policies can be used by System Administrators to deploy systems and users preferences, secure systems, lock down the workstation, create user accounts etc. By default, the active directory policies have Read permissions granted to the domain users.

IT Security Researcher Davide Girardi (aka GiRa) attempts to gain full access to a local administrator account‘s records as well as execute an escalation to a full domain admin account.

Tags: , , , ,

Read more

Get 1 Million Air Miles with United Airlines Bug Bounty Program

united airlines

eLearnSecurity students, want to get 1 million air miles? Go get yourself a reward with United Airlines Bug Bounty Program!

American airline company, United Airlines, launched a bug bounty program (a first in the airline industry) rewarding information security researchers as much as 1 million air miles for finding high-critical vulnerabilities in their websites, applications or online portals.

Tags: , , , , , , , ,

Read more

From XSS to Domain Admin

From XSS to Domain Admin - webinar scenario

It’s a long way to the root if you wanna Rock and Roll!

On August 26th, our Security Researcher Davide Girardi, a.k.a. GiRa, will present an exploitation scenario on a typical company network. The exploitation will start from a Cross-Site-Scripting flaw in the company blog and will get us to a full Active Directory Administrator account.

Tags: , , , , , ,

Read more

Go to top of page