Null offensive hacking hands-on training.

Proposed sessions for this event:

  • Attacking DVNA (Damn Vulnerable NodeJS Application) by Subash SN
Note: The session details including schedule are available below.

The objective of the workshop is to provide hands-on experience in exploiting vulnerabilities while providing an opportunity to understand the cause and fixes for the vulnerabilities.

## Plan for the workshop:

    1. Hands-on practice of exploiting vulnerabilities in DVNA
    2. Understanding the cause of vulnerabilities
    3. Fixing / Discussing fixes for vulnerabilities

    Depending on the pace of the workshop, I aim to cover most of the following vulnerabilities

    - SQL and command Injection
    - Broken Authentication
    - Sensitive Data Exposure
    - XML External Entities 
    - Broken Access Control
    - Security Misconfiguration
    - Cross-Site Scripting (XSS)
    - Insecure Deserialization 
    - Using Components with Known Vulnerabilities
    - Cross Site Request Forgery
    - Unvaidated Redirects and Forwards

## Basic Requirement:

  1. Basic understanding of OWASP Top 10 and some prior development experience.
  2. Students must have Burp Suite Community / Pro setup on their laptop. The session requires internet and students must be able to tether their mobile/portable hotspot for internet access.
Date Saturday June 30 2018
Chapter Bangalore
Registrations 37
Max Registrations 40
Event Type Invite Only
Start Time 09:00 AM
End Time 06:00 PM

Session Schedule

Name Speaker Start Time End Time Resources
Attacking DVNA (Damn Vulnerable NodeJS Application) Subash SN 09:00 AM 06:00 PM


This is an invite only event. If you are selected you will receive further information via e-mail.