Kitsap Cyber Security Group

Penetration Testing & Ethical Hacking Workshop:

A deliberately vulnerable hosted web application (Wordpress Blog) that enables an attacker to perform a number of exploits, permitting access to both the application itself and the underlying operating system.

Techniques that will be illustrated include:  

Cross Site Scripting (XSS, Stored and Reflective)  

SQL Injection (authentication bypass, credential dumping)  

Directory Traversal (Unauthorized filesystem access)  

Password hash cracking (JTR) "  

If there is time (cannot say for sure yet), I would also really like to demonstrate the effectiveness of a low-bandwidth denial of service tool for web servers called Sloloris:   http://ha.ckers.org/slowloris/   There are a number of characteristics that make this a novel DoS utility, while staying very simple to use.

Join or login to comment.

  • Terri A.

    Great job Kyle, I learned so much from the workshop

    March 21

  • Michael H.

    Good job discussing very technical details of web application hacking, done at a level everyone could understand.

    March 20

  • Sean

    Awesome presentation, thanks Kyle. Liked how the lab was setup to do the demonstration.

    March 20

People in this
Meetup are also in:

Imagine having a community behind you

Get started Learn more
Rafaël

We just grab a coffee and speak French. Some people have been coming every week for months... it creates a kind of warmth to the group.

Rafaël, started French Conversation Group

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy