Skip to content

Latest commit

 

History

History
 
 

Week-3

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 

Table of Contents generated with DocToc

WEEK 3: Security

OBJECTIVES

  • Deploy a vulnerable application on AWS (e.g. RailsGoat)
  • Attack the application using different techniques (OWASP TOP 10):
    • Command Injection
    • SQLi
    • XSS
    • Auth Bypass

AGENDA

TIME TOPIC
5 PM - 5:50 PM Intro to Security Tools and simple AWS Deployment
6 PM - 6:45 PM LAB: Deploy RailsGoat via CloudFormation & attack
7 PM - 7:50 PM LAB: Attack RailsGoat... continued
8 PM - 9 PM LAB: AWS Account Takeover

BONUS LABS

  • Write custom Account Takeover script/utility
  • Write custom NMAP script
  • Write custom Metasploit Module

ASSIGNMENTS

  • RailsGoat Lessons
  • Metasploit Unleashed