[Owasp-austin] unsubscribe

Joey Spinella joey.spinella at ni.com
Fri Mar 4 22:36:23 UTC 2016


unsubscribe

From: owasp-austin-bounces at lists.owasp.org [mailto:owasp-austin-bounces at lists.owasp.org] On Behalf Of Matt Pardo
Sent: Sunday, February 28, 2016 5:11 PM
To: owasp-austin at lists.owasp.org
Subject: [Owasp-austin] Austin OWASP Study Group topic - OWASP Hacking Lab training


Hi Austin OWASP,

Our next study group topic has been chosen. We will be going through the OWASP Hacking Lab at https://www.hacking-lab.com/index.html

We will be starting with the OWASP Top Ten challenge first. So, we will be learning about the mechanics of each vulnerability and how they are exploited.

These include:

1) SQL injection
2) Cross-site scripting (XSS)
3) Broken authentication & session management
4) Insecure direct object references
5) Cross site request forger (CSRF)
6) Security misconfiguration
7) Insecure cryptographic storage
8) Failure to restrict URL access
9) Insufficient transport layer protection
10) Unvalidated redirects & forwards.

Our first meeting on March 3 will be making sure everyone is reading to go, i.e. they have an account and can get connected to the labs.

People who want to participate will need to do the following:

1) Go to https://www.hacking-lab.com/index.html and register an account
2) Go to security events and click "Register Now" for the OWASP Top Ten challenge
3) Go to the download section and select the download option you want. You can download a virtual machine (vmware, virtualbox) or a live CD iso. It is important to use one of their images because you will need to make a VPN connection to their labs in order to work on the challenges.

This should be a ton of fun!

Email me if you have any questions.

Thanks!

Matt Pardo

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20160304/503b3215/attachment.html>


More information about the Owasp-austin mailing list