Past Meetup

OpenLate @ OpenDNS - Penetration Testing Workshop

This Meetup is past

157 people went

Location image of event venue

Details

OpenLate provides an evening hack lounge with themed tech talks at the OpenDNS office.

Tonight Shruti Gupta from the OpenDNS Security Engineering Team will be teaching Application Security and Secure Coding Practices through a penetration testing workshop using the Security Ninjas project (https://github.com/opendns/Security_Ninjas_AppSec_Training).

This will be an interactive hands-on workshop covering the top 10 Application Security vulnerabilities (OWASP Top 10 (https://www.owasp.org/index.php/Top_10_2013-Top_10)) during which, we would attempt to attack a vulnerable web application running in a Docker container.

Make sure you have the hacking lab setup ready before the session. Refer to the blog (https://engineering.opendns.com/2015/03/16/security-ninjas-an-open-source-application-security-training-program/) for detailed instructions.

Summary of the setup:

1) Be able to run Docker images locally, e.g. through Docker, Boot2Docker, etc.

2) Install Firefox and Burp Suite free edition (http://portswigger.net/burp/download.html)

3) Configure Firefox to proxy using localhost:8080

4) Start a container from this (https://registry.hub.docker.com/u/opendns/security-ninjas/) Docker repository

Still confused or stuck? Come a few minutes before the session starts and we can help you set everything up!

For more information, please check out Shruti's blog post on the OpenDNS Engineering Blog (https://engineering.opendns.com/2015/03/16/security-ninjas-an-open-source-application-security-training-program/).

..And wait, Did we mention there would be SWAG too? :)