Presenter: Scott Hand
Date: 8 Sept 2012
Description: This presentation goes over some basic attack techniques for compromising web applications. A brief background on web applications and HTTP is given. Vulnerabilities covered include parameter tampering, SQL injections, Cross Site Scripting, Cross Site Request Forgery, and general tips on attacking web applications. There was a web CTF with new problems for the course, and a link to the source of the problems is provided below. All of them may be run from a typical LAMP server except for CommentSpace, which requires Ruby on Rails to run.