Meet the Speaker: Vaibhav Lakhani

Vaibhav holds elite cybersecurity certifications, including:

• OSCP (OffSec Certified Professional)

• CRT (CREST Registered Penetration Tester)

• CRTO (Certified Red Team Operator)

• CARTP (Certified Azure Red Team Professional)

• CEH (Practical) (Certified Ethical Hacker)

• eJPT (eLearn Junior Penetration Tester)

He has spoken at NullCon Goa 2025, Null Pune, SecurityBoat Meetup, and various institutions across India. As a Udemy instructor, he also educates thousands of students in iOS & Android Penetration Testing.

Location: Phase 3, 4th Floor, Seminar Hall,Atharva College Of Engineering, Mumbai

Skills to be Assessed:

• Web Application Security

• Vulnerability Assessment & Penetration Testing (VAPT)

• OWASP Top 10 Security Risks

• Bug Bounty Hunting

• SQL Injection & Authentication Bypass Techniques

• Cross-Site Scripting (XSS) & HTML Injection

• Session Management Security

• Hands-on Burp Suite Usage

What You’ll Learn:

• Understanding Web Application Security and Key Cybersecurity Terminologies

• Exploring the OWASP Top 10 Vulnerabilities – The most critical security risks

• Hands-on Experience with Burp Suite for Security Testing

• Live Demonstrations of Common Web Attacks

Workshop Modules:

Module 1: Introduction to Web Apps, VAPT & Bug Bounties

• How web applications work

• What is Vulnerability Assessment and Penetration Testing (VAPT)?

• Difference between Vulnerability Assessment (VA) & Penetration Testing (PT)

• Basic cybersecurity terminologies

• Setting up Burp Suite for security testing

Module 2: OWASP Top 10 & CVSS Framework (Practical)

• Introduction to OWASP Top 10 vulnerabilities

• Understanding the CVSS 3.0 framework

Module 3: Cross-Site Scripting (XSS) & HTML Injection Attacks

• HTML Injection attacks

• Reflected & Stored XSS attacks

Module 4: Session Management Issues

• Session Fixation vulnerabilities

• Session Timeout misconfigurations

Module 5: SQL Injection Attacks

• Basics of SQL

• Exploiting SQL Injection

• SQL to Command Injection

Module 6: Authentication Bypasses

• OTP Bypass Techniques

• CAPTCHA Bypass methods

• Email OTP Bypass Exploitation

Prerequisites:

• Burp Suite Installed on Your Device for Hands-on Practice

This is a unique opportunity to gain real-world cybersecurity skills, learn from an industry expert, and enhance your knowledge in ethical hacking and penetration testing.

Register now and take the first step towards mastering cybersecurity.