Null offensive hacking hands-on training.
Proposed sessions for this event:
- Attacking DVNA (Damn Vulnerable NodeJS Application) by Subash SN
The objective of the workshop is to provide hands-on experience in exploiting vulnerabilities while providing an opportunity to understand the cause and fixes for the vulnerabilities.
## Plan for the workshop: 1. Hands-on practice of exploiting vulnerabilities in DVNA 2. Understanding the cause of vulnerabilities 3. Fixing / Discussing fixes for vulnerabilities Depending on the pace of the workshop, I aim to cover most of the following vulnerabilities - SQL and command Injection - Broken Authentication - Sensitive Data Exposure - XML External Entities - Broken Access Control - Security Misconfiguration - Cross-Site Scripting (XSS) - Insecure Deserialization - Using Components with Known Vulnerabilities - Cross Site Request Forgery - Unvaidated Redirects and Forwards
## Basic Requirement:
1. Basic understanding of OWASP Top 10 and some prior development experience. 2. Students must have Burp Suite Community / Pro setup on their laptop. The session requires internet and students must be able to tether their mobile/portable hotspot for internet access.
|Date||Saturday June 30 2018|
|Event Type||Invite Only|
|Start Time||09:00 AM|
|End Time||06:00 PM|
|Name||Speaker||Start Time||End Time||Resources|
|Attacking DVNA (Damn Vulnerable NodeJS Application)||Subash SN||09:00 AM||06:00 PM|
This is an invite only event. If you are selected you will receive further information via e-mail.