Join a Thriving Cybersecurity Community.

ISRA Meetups bring together experts, students, and enthusiasts to network, learn, and grow.

Sat 27 Jun, 2026

Beginner or Expert-You Belong Here.

Whether you're just starting out or leading in the field, ISRA Meetups provide something valuable for everyone.

Sat 27 Jun, 2026

Workshop

Whitebox Web Hacking:
From Code Review to Exploitation

Workshop Description

A Whitebox Approach to Web Application Hacking is a hands-on workshop focused on identifying and exploiting vulnerabilities through source code review in Python web applications. Participants will learn how insecure coding patterns lead to real-world vulnerabilities and how attackers chain multiple bugs together to achieve deeper compromise.

The training covers practical exploitation techniques, vulnerability discovery methodologies, and common developer mistakes found in modern web applications.

Training Table of Contents

Duration: 10:00 AM - 4:00 PM (5 Hours)

Introduction to Whitebox Web Hacking

SQL Injection

Arbitrary File Read (path.join bypass)

SSRF (Server-Side Request Forgery)

Pickle Deserialization

Server-Side Template Injection (SSTI)

File Write Vulnerabilities

ZipSlip, Symlink Exploitation

Command Injection

Vulnerability Chaining

File Write → RCE

Secure Coding & Mitigations

Prerequisites

A laptop with a Linux operating system preferred
A code editor installed (VS Code/Sublime/Vim/etc.)
Python installed
Basic understanding of web applications and HTTP is good to have

Trainer(s)

Alfin Joseph

Security Engineer
CRED

Arun Krishnan

Security Engineer
Scapia

Let’s connect and build a stronger cybersecurity community together!

Venue

TinkerHub Foundation,
21/258, Cusat.P.O, Punnekkattumoola
Seaport - Airport Rd, Vidya Nagar Colony
Thrikkakara, Kalamassery, Kochi
Kerala 682022, India

About ISRA

Join a Thriving Cybersecurity Community.

Beginner or Expert-You Belong Here.

Whitebox Web Hacking:
From Code Review to Exploitation

Workshop Description

Training Table of Contents

Introduction to Whitebox Web Hacking

SQL Injection

Arbitrary File Read (path.join bypass)

SSRF (Server-Side Request Forgery)

Pickle Deserialization

Server-Side Template Injection (SSTI)

File Write Vulnerabilities

Command Injection

Vulnerability Chaining

Secure Coding & Mitigations

Prerequisites

Trainer(s)

Alfin Joseph

Arun Krishnan

Let’s connect and build a stronger cybersecurity community together!

Venue

Ticketing Partner

Aleena Jibin

Adhin V S

Bijoy B

Kishore Paul

Alfin Joseph

Arun Krishnan

About ISRA

Join a Thriving Cybersecurity Community.

Beginner or Expert-You Belong Here.

Whitebox Web Hacking: From Code Review to Exploitation

Workshop Description

Training Table of Contents

Introduction to Whitebox Web Hacking

SQL Injection

Arbitrary File Read (path.join bypass)

SSRF (Server-Side Request Forgery)

Pickle Deserialization

Server-Side Template Injection (SSTI)

File Write Vulnerabilities

Command Injection

Vulnerability Chaining

Secure Coding & Mitigations

Prerequisites

Trainer(s)

Alfin Joseph

Arun Krishnan

Let’s connect and build a stronger cybersecurity community together!

Venue

Ticketing Partner

Aleena Jibin

Aleena Jibin

Adhin V S

Adhin V S

Bijoy B

Bijoy B

Kishore Paul

Kishore Paul

Alfin Joseph

Alfin Joseph

Arun Krishnan

Arun Krishnan

Whitebox Web Hacking:
From Code Review to Exploitation