Tag: xss
February 7, 2017 | by Kristoffer | Blog posts, Company News

Mark your calendars: this February 28th 2017, the Netsparker and eLearnSecurity teams will unite to host the technical webinar, Effectiveness of Automated Web Security Scanners. The event – kicking off at 1 PM ET – will be hosted by none other than Netsparker’s Product Architect, CEO, and founder, Ferruh Mavituna.
Tags: automated tools, cybersecurity, eLearnSecurity, IT Security, IT security training courses, Netsparker, sqli, web app security scanner, web application security, webinar, xss
Read more
November 17, 2015 | by Edcel Suyo | Blog posts

Good news for all Students of our Penetration Testing Professional version 3 – PTPv3 training course. Our team of IT Security researchers just activated 10 additional virtual labs! You can now practice even more challenging scenarios covering network security and web application security.
Tags: Domain Admin, Hera lab, ICMP redirect, network security, penetration testing, penetration testing professional, PTPv3, virtual labs, web application security, xss
Read more
August 16, 2015 | by Edcel Suyo | Video

Active Directory policies can be used by System Administrators to deploy systems and users preferences, secure systems, lock down the workstation, create user accounts etc. By default, the active directory policies have Read permissions granted to the domain users.
IT Security Researcher Davide Girardi (aka GiRa) attempts to gain full access to a local administrator account‘s records as well as execute an escalation to a full domain admin account.
Tags: active directory policy, Domain Admin, network attack, pentest demo, xss
Read more
May 16, 2015 | by Edcel Suyo | Researches

eLearnSecurity students, want to get 1 million air miles? Go get yourself a reward with United Airlines Bug Bounty Program!
American airline company, United Airlines, launched a bug bounty program (a first in the airline industry) rewarding information security researchers as much as 1 million air miles for finding high-critical vulnerabilities in their websites, applications or online portals.
Tags: authentication bypass, bug bounty, cross site forgery request, cross-site scripting, penetration testing, remote code execution, United Airlines, vulnerabilities, xss
Read more
August 28, 2014 | by GiRa | Blog posts

It’s a long way to the root if you wanna Rock and Roll!
Hi folks!
First of all, thank you for the massive attendance at the webinar. That was awesome!
For those who missed it, here you can find a recording of the session.
Tags: metasploit, penetration testing, pentest, pivoting, web application security, webinar, xss
Read more
August 11, 2014 | by GiRa | Blog posts

It’s a long way to the root if you wanna Rock and Roll!
On August 26th, our Security Researcher Davide Girardi, a.k.a. GiRa, will present an exploitation scenario on a typical company network. The exploitation will start from a Cross-Site-Scripting flaw in the company blog and will get us to a full Active Directory Administrator account.
Tags: metasploit, penetration testing, pentest, pivoting, web application security, webinar, xss
Read more