South Dakota/November 2009

From OWASP
Jump to: navigation, search

WHEN

   November 18, 2009 at 7 pm

WHERE

   University Center - South (next to Southeast Technical Institute) Room 177 - located at 2205 N. Career Ave. St Sioux Falls, SD 57107 - this is the building next to Southeast Tech.

AGENDA

DSU will be bringing their mobile lab for us to use for some hands-on training. We will be using a Virtual Machine specifically setup for training on InfoSec (think WebGoat). This will be a great opportunity to dig into some of the OWASP Top Ten items and work with them in a simulated e-commerce environment. Josh Pauli will also be available to help provide guidance/assistance during this lab. The items that we will be covering includes:

   * Reflected XSS
   * Stored Xss
   * SQL Injection
   * Steal money from the store
   * XSRF (Cross-Site Request Forgery)
   * Steal songs/Download songs for Free
   * Permanently lock users out of their account
   * Chained Exploit

This will be a great lab for individuals of all skill levels, from beginner to someone experienced in InfoSec this lab will provide challenges for every level. The lab will be open for discussion as we work through the challenges (and we will also be providing solutions) so there will be plenty of time to discuss the vulnerabilities/exploits and countermeasures as we work through them. We hope to see you there!