TROOPERS20 Training Teaser: Hacking Node.js & Electron apps, shells, injections and fun!

Did you know that in the ever evolving field of Web and Desktop apps, it turns out these can all now be powered with JavaScript? You read that right: JavaScript is now used to power both web apps (Node.js) as well as Desktop apps (Electron). What could possibly go wrong?

So, the burning question is: how does this affect Web and Desktop app security? If you want to find out, come to our training and you will experience this in a 100% hands-on fashion! 🙂

You will learn about how to hack Web and Desktop apps, with a special focus in JavaScript attack vectors tailored for Node.js and Electron but also broader attack vectors that will also work against regular Web and Desktop apps.

What are the main attack vectors against Web and Desktop apps? How can apps defend against these? How do JavaScript frameworks change this? Come to find out!

Please note we focus on a 100% hands-on approach, where you learn by doing and instructors help you solve challenges, no boring “death by powerpoint” sessions, the course is suitable for all skill levels:

  • Extra mile and CTF exercises are available for advanced students;
  • New students are introduced to concepts from scratch;
  • Everybody gets lifetime access to our training portal:
    ◦ Unlimited email support;
    ◦ All future updates of training material;
    ◦ Step-by-Step video recordings;
    ◦ And a T-shirt! 🙂

Trainees who attend this training can expect to gain a solid understanding of Web and Desktop app security, immediately applicable to Web and Desktop security audits and secure development best practices.

You can find the detailed agenda of “Advanced Pwning & Fixing of Node.js & Electron apps, shells, injections and fun!” here.

Please come with Virtual Box installed, at least 8GB of RAM and have fun with us!

Abraham & Anirudh