Skip to content

NUSGreyhats/Web-Security-Workshop-2022

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Web Security Workshop

A simple web security workshop to discuss the fundamentals of different web vulnerabilities

Quick start

  1. Clone this repo
  2. cd into the repository
  3. Run docker-compose up

The challenges should be up now at the following addresses:

Local File Inclusion

  1. Basic: localhost:3000
  2. Exporting Data on Inspector Gadget: localhost:3001

SQL Injection

  1. Basic: localhost:3002
  2. Worker's Union: localhost:3008

XSS

  1. Basic: localhost:3003
  2. Getting the Staff cookies: localhost:3004
  3. Getting the admin: localhost:3005

OS Command Injection

  1. Basic: localhost:3006
  2. Safe-Cmd: localhost:3007

Prerequisites

  1. Docker

Resources to go with this repo

  1. Slides
  2. Burp Suite

Topics

  1. Cross Site Scripting
  2. Local File Injection
  3. OS Command Injection
  4. SQL Injection

For solutions refer to

  1. Solution.md

About

A Web Security Workshop by NUS Greyhats

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published