Exploiting Websites Hands-On

B-Sides SF

Mon, Feb. 13, 2017

Participants will do a series of challenges, as shown below.

You will need a computer with any OS. All you need is a Web browser, Java, and Burp.


Command Injection Projects
1. Ping Form Winners
2. Buffer Overflow Winners
3. ImageMagick Winners


4. SQL Injection Winners 1
Winners 2
5. PHP Vulnerabilities (Only Examples)
6. Logic Flaws


7. Exploiting ECB-Encrypted Tokens with Burp
8. Challenge: Exploiting ECB Encryption
9. Exploit Hackazon
10. Entire "Securing Web Applications" Course

Last modified 2-13-17 7:30 am