Null offensive hacking hands-on training.
Proposed sessions for this event:
- Attacking DVNA (Damn Vulnerable NodeJS Application) by Subash SN
The objective of the workshop is to provide hands-on experience in exploiting vulnerabilities while providing an opportunity to understand the cause and fixes for the vulnerabilities.
## Plan for the workshop:
1. Hands-on practice of exploiting vulnerabilities in DVNA
2. Understanding the cause of vulnerabilities
3. Fixing / Discussing fixes for vulnerabilities
Depending on the pace of the workshop, I aim to cover most of the following vulnerabilities
- SQL and command Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities
- Broken Access Control
- Security Misconfiguration
- Cross-Site Scripting (XSS)
- Insecure Deserialization
- Using Components with Known Vulnerabilities
- Cross Site Request Forgery
- Unvaidated Redirects and Forwards
## Basic Requirement:
1. Basic understanding of OWASP Top 10 and some prior development experience.
2. Students must have Burp Suite Community / Pro setup on their laptop. The session requires internet and students must be able to tether their mobile/portable hotspot for internet access.
Date | Saturday June 30 2018 |
---|---|
Chapter | Bangalore |
Registrations | 37 |
Max Registrations | 40 |
Event Type | Invite Only |
Start Time | 09:00 AM |
End Time | 06:00 PM |
Session Schedule
Name | Speaker | Start Time | End Time | Resources |
---|---|---|---|---|
Attacking DVNA (Damn Vulnerable NodeJS Application) | Subash SN | 09:00 AM | 06:00 PM |
Venue
This is an invite only event. If you are selected you will receive further information via e-mail.