This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Here’s the schedule for this year. Registering here does not count. You MUST register to attend any of these. You may register here: https://www.bsidesslc.org/registration.html

You cannot manually add workshops to your schedule. You need to go register for them at https://www.bsidesslc.org/signup.html, and then the workshp will be added to your schedule.
View analytic
Thursday, March 9 • 1:30pm - 5:30pm
Practical Web Application Exploitation REGISTER FIRST
Feedback form is now closed.
Limited Capacity filling up


This is a hands-on practical workshop in which you will be attacking old vulnerable versions of popular web applications. This workshop will teach you the thought process and practical skills necessary to begin performing web application security assessments at a professional level. You will be taught how to efficiently identify, exploit, and document several of the most prevalent web vulnerabilities. We will also learn how these vulnerabilities can be remediated. We will delve into topics such as: SQL Injection (SQLi), Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and External Entity Injection (XXE). We’ll also briefly cover parameter manipulation, functional access control, and filter evasion.
This workshop is aimed at beginners with a background in technology. If you can install a virtual machine on your computer, know a few Linux shell commands, and have some exposure to technologies such as PHP and MySQL, then you’re the perfect candidate. If you’ve already started delving into web exploits and simply want to learn how to work more efficiently, even better (but not a requirement!). If you haven’t done any of the previous this workshop will have a bit of a learning curve, and may require some independent study beforehand.

avatar for Jessica Ryan

Jessica Ryan

Jessica breaks websites. She aspires to break more websites. She has worked as a security consultant for four years, performing penetration tests and vulnerability assessments for clients through the UK and Europe. She has an unhealthy obsession with obscure cryptographic challenges, and is determined to solve the Voynich Manuscript. She thinks that blockchain technology and NFC are also pretty cool. In her free time she enjoys competing in CTFs... Read More →

Thursday March 9, 2017 1:30pm - 5:30pm
Workshop 2 Salt Palace Convention Center

Twitter Feed