General hands-on event.
Proposed sessions for this event:
I will take hands-on- session on finding OWASP vulnerabilities and Bugs in Bug Bounty Hunting with live demo.
We will go through the following stages:
1. Configuration of Burp Suite
2. Information Gathering
3. OWASP Vulnerabilities:
i. Injection:
a. HTML Injection
b. File Injection
c. SQL Injection
d. Command Injection
ii. Cross Site Scripting (XSS)
iii. CSRF & SSRF
iv. HTTP Parameter Pollution
v. Source Code Disclosure
vi. Missing Functional Level Access Control
a. Directory Traversal – Directories & Files
b. Host Header Attack
c. Remote & Local File Inclusion (RFI/LFI)
d. XML External Entity Attacks (XXE)
vii. URL Redirection
4. Report Generation
Requirement:
- Laptop with Burp Suite tool & Firefox browser
Burp Suite can be downloaded by following link:
https://portswigger.net/burp/communitydownload
Speaker : Himanshu Gupta (https://null.co.in/profile/11271-himanshu-gupta)
Date | Saturday May 26 2018 |
---|---|
Chapter | Pune |
Registrations | 104 |
Max Registrations | Unlimited |
Event Type | Invite Only |
Start Time | 10:00 AM |
End Time | 01:00 PM |
Session Schedule
Name | Speaker | Start Time | End Time | Resources |
---|