Learn InfoSec skills you can implement immediately! Six courses available in Houston - Oct. 28-Nov. 2.

London September 2017

London, United Kingdom | Mon, Sep 25 - Sat, Sep 30, 2017
This event is over,
but there are more training opportunities.

Struts Your Stuff

  • Moses Hernandez
  • Monday, September 25th, 7:00pm - 8:00pm

This talk will go over how to approach, discovery, and potentially abuse applications that developed using the Struts 2.0 framework. In the talk we will be speaking about Java Classes and how to build certain types of exploit chains, how attackers can bypass Java Sandboxes, and other generic Java Topics. It will also go over how Java-based web applications can be exploited, how struts 2.0 factors in and how OGNL can play a role in this exploitation. This will also serve a preview to the latest SEC642 Update (Advanced Web Application Penetration Testing). Presented by Moses Hernandez.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
Monday, September 25
Session Speaker Time Type
Struts Your Stuff Moses Hernandez Monday, September 25th, 7:00pm - 8:00pm SANS@Night
Tuesday, September 26
Session Speaker Time Type
Real World incidents and threats to Critical Infrastructure Tuesday, September 26th, 7:00pm - 8:00pm SANS@Night