Cybersecurity Workshop

  • July 13, 2013 · 1:00 PM

*Understanding Web Vulnerabilities from a Penetration Testers Perspective*

Join us for the Women's Society of Cyberjutsu (WSC) Cybersecurity Workshop hosted from our Washington, DC location. This is a hands-on, practical workshop where you will put into practice those things you may have read or covered in a class. This is also a great way to keep your skills fresh if you’re a veteran.

Every workshop addresses beginner and advanced topic material. Beginners are encouraged to watch and learn as much as possible even though you may not have a clue. Exposure to new tools and techniques by watching will advance your learning process a lot quicker than trying to learn on your own. You will get to ask questions and see how it's done in the real world. Advanced attendees are encouraged to share and help answer "noob" questions as much as possible so everyone can learn from them.

Agenda:

The web has been evolving for the the last 20+ years. In that time people have gone from making static web pages in text and images, to ones that are more complicated with databases, scripting languages and style sheets. This has led to a merging of code and data, so much in fact that the browsers blur these aspects and sometimes don't even know what code is and what raw data is. If programmers don't validate the input of the users (or attackers) then the user may be able to take over control of the application and extract personal identifiable information (PII) from the back end database.

In this workshop we'll go over the basics of the web so you understand the background, then we will dive into some of the main areas that have become a problem in the past years. Each area section will be followed up with a hands on practice and tools to give some experience in how the given vulnerability can result in data loss.

globe

1. Review the Basics (DNS, HTML, PHP, CSS, JavaScript)

2. History of the Web, and why it is such a mess ( lack of input validation)

3. Man in the Middle attacks and HTTPS

4. Cross Site Scripting (XSS)

5. SQL Injection

6. Social Networking attacks and URL obfuscation

7. Browser Plugins and Vulnerabilities Surrounding them

 

We are please to have Joshua Schroeder (aka JoshInGeneral) present this workshop. Josh currently works as a Linux Administrator in the Washington DC Area for the federal government. He has a Masters degree from UNC Charlotte with a Concentration in Security and Privacy, where he founded of the 49th Security Division and was a two time winner of the South East Collegiate Cyber Defense Competition. He's done work for the military and private sector in the areas of web penetration testing, network security and defense R&D, as well as runs his own business doing web development and network setups.

In the last year he has taken up conference speaking engagements in the area of web security such as this one. In his free time he enjoys playing FPS's, Swimming, Traveling, and Scripting.

Requirements:

  • You must bring your own laptop.
  • Must be installed with Virtualbox.
  • Download the Backtrack virtual machine here,  extract and load in Virtualbox. Download version 5r3, Gnome, 32/64bit, VMware. 64bit will default to an ISO image.
  • Instructions here

Prerequisites:

  • Knowledge of basic networking and IT.
  • Good attitude, willingness to learn and share.

Remote Participation:

If you are attending remotely you must register on the website.Once registered, you’ll receive the meeting participation info by email the day before the workshop. Please have a working webcam/mic. Expect to join 15-30 minutes prior to test your technical configurations.

Cost:

Onsite - $20, Remote - $5

We only have room for 24 onsite so register early.

Refund Policy:

Refunds are offered if:

  • The workshop is cancelled
  • You cancel at least 1 day before the workshop; by 1000am Friday (7/12) morning

Use front door. POC:[masked]

Earn CPE's towards your certification

Food & beverages are provided

Free Parking

 

Join or login to comment.

2 went

  • Lisa F.
    Organizer
    Event Host
  • A former member

Your organizer's refund policy for Cybersecurity Workshop

Refunds offered if:

  • the Meetup is cancelled
  • you can cancel at least 1 day(s) before the Meetup

Additional notes: You cancel at least 1 day before the workshop; by 1000am Friday (7/12) morning

Payments you make go to the organizer, not to Meetup. You must make refund requests to the organizer.

People in this
Meetup are also in:

You don't have to be an expert to start your own Meetup Group

Get started Learn more
Katie

I'm surprised by the level of growth I've seen since becoming an organizer, it's given me more confidence in my abilities.

Katie, started NYC ICO

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy