Schedule/Training Details

Art of Mass Scanning

Mass scanning is a crucial component of any effective security assessment process. In today's digital world, security breaches and cyber attacks are becoming more frequent and sophisticated, making it essential to have comprehensive security measures in place. To achieve this, security professionals use mass scanning tools to identify potential vulnerabilities and weaknesses in large-scale networks, web applications, and infrastructures.

One of the key advantages of mass scanning is scalability. With the help of automated scanning tools, security professionals can scan a large number of hosts, IP addresses, and processes in a relatively short amount of time. This saves a significant amount of time compared to manually scanning, allowing security teams to focus on analyzing the results and remediating vulnerabilities. Moreover, mass scanning can be done at a much larger scale than manual scanning, allowing for a more thorough assessment of the security posture of an entire infrastructure.

Mass scanning is a valuable process for security professionals, as it enables the efficient identification and assessment of security vulnerabilities and weaknesses in large networks or infrastructures. By automating the scanning process, it can save significant time and resources.

Why Take This Course

★ Gain the ability to perform mass scanning at scale, allowing you to efficiently identify potential vulnerabilities and weaknesses in large networks or infrastructures.

★ Learn techniques for enhancing Bash and Python scripts, enabling you to automate boring and repetitive tasks, speed up your scripts, and improve efficiency and accuracy.

★ Develop the skills to create automation bots that can operate in multi-environment environments, streamlining and optimizing security processes.

★ Understand the potential of microservices-based applications, APIs, and Slack integration to improve communication and efficiency in security processes.

Who Should Attend

★ Software developers, security engineers, architects, researchers, bug bounty hunters, system administrators, students, and curious security professionals who would like to expand their skills.
★ Anyone interested in keeping relevant knowledge and skills in the real world of application security with automation.

Key Learning Objectives / Agenda

Day 1

Introduction to mass scanning

○ What is masscaning

○ Why Mass scanning is needed

Using python to enhance your exploits

○ Python Threading

○ Python Multithreading

○ Python Asynchronous Computation

○ Speed up your exploits

○ Writing an XSS finder python Script

○ Enhancing the python script

○ Make it faster than your thought

○ Automate the hell out of XSS

Bash Programming

○ Introduction to Bash scripting

○ Automating your boring tasks using bash

○ Enhancing your bash scripts

○ Speed up your bash scripts

Yaml templating

○ Understanding working of nuclei

○ Creating your first nuclei template

○ Enhancing execution of nuclei

○ Parallel execution of nuclei

○ Distributed nuclei execution

Day 2

Axiom

○ Introduction to Axiom

○ Why is Axiom needed?

○ Demo

Creating your first Automation BOT on multi cloud environment

○ Introduction to python Flask

○ Introduction to micro services

○ Building micro services based applications

○ Creating API’s over your security tools

○ Deploying Microservices

○ Slack Integration

Scanning 2.3m of npm packages

○ Creating a single threaded python/bash POC script

○ Distributing the workload

○ Doing magic

○ Collecting results in just 3 hours for 2.3m packages

Prerequisites

To fully understand and implement the concepts covered in this course, some basic knowledge and experience in programming is required, particularly in Python and Bash. This includes an understanding of variables, data types, loops, and conditional statements in both languages.

Additionally, knowledge of basic web development concepts such as HTML, CSS, and JavaScript will be helpful in understanding the mechanics of web application security.

Familiarity with web application security, network scanning, and penetration testing will also be beneficial. This includes an understanding of common web application vulnerabilities such as Cross-Site Scripting (XSS), SQL injection, and CSRF, as well as techniques for scanning and exploiting these vulnerabilities. Experience with using security tools such as OWASP ZAP, Burp Suite, or similar tools will also be useful.

Along with the other prerequisites, it is also helpful to have familiarity with Model-View-Controller (MVC) framework architecture. This is a common architecture used in web development, and understanding its principles can be helpful in building and testing web applications.

Requirements

★ Linux/Mac/Windows any laptop
★ Laptop with minimum 8GB RAM and 40GB free hard disk space with USB ports and virtualization enabled/available.
★ Students must have full control of the laptop (can install required software and tools)
★ Ability to connect to the internet (The class requires going online).
★ An active AWS account for each student (free tier or otherwise) is required

Session Details

Date & Time
April 27, 2026 9:00 AM
Duration
16 hours
Format
in-person
Level
intermediate
Price
...

Course Trainers

Hassan Khan

Hassan Khan

Director

Laburity

Hassan Khan is a highly experienced Security Researcher with a proven track record of internet-wide scanning and penetration testing. A sought-after s...
Danish Tariq

Danish Tariq

Director

Laburity

Danish Tariq is a Security Engineer by profession and a Security researcher by passion. He has been working in Cyber Security for over 10 years and it...