Exploiting Websites Hands-On

Presented at BSidesSF 2017, Feb. 13, 2017, 1:30 p.m. (120 minutes)

Exploiting Websites Hands-On Participants will do a series of challenges including: Command Injections Buffer overflows InageMagick exploitation SQL injection Defeating client-side validation with Burp Exploiting ECB-Encrypted Tokens PHP Insecurities You will need a computer with any OS. All you need is a Web browser, Java, and Burp.

Presenters:

• Sam Bowne
  City College San Francisco Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at DEFCON, HOPE, BayThreat, LayerOne, and Toorcon, and taught classes and many other schools and teaching conferences. He has a B.S. in Physics from Edinboro University of Pennsylvania and a Ph.D. in Physics from University of Illinois, Urbana-Champaign. Industry certs: CISSP, CEH, CCENT, WCNA, and more.

Links:

• https://bsidessf2017.sched.com/event/9IMb/exploiting-websites-hands-on

Similar Presentations:

• Diana Initiative 2019 / Exploiting Web Apps: Hands-On