Table of Contents generated with DocToc
- Deploy a vulnerable application on AWS (e.g.
RailsGoat
) - Attack the application using different techniques (OWASP TOP 10):
- Command Injection
- SQLi
- XSS
- Auth Bypass
TIME | TOPIC |
---|---|
5 PM - 5:50 PM | Intro to Security Tools and simple AWS Deployment |
6 PM - 6:45 PM | LAB: Deploy RailsGoat via CloudFormation & attack |
7 PM - 7:50 PM | LAB: Attack RailsGoat ... continued |
8 PM - 9 PM | LAB: AWS Account Takeover |
- Write custom Account Takeover script/utility
- Write custom NMAP script
- Write custom Metasploit Module
RailsGoat
Lessons- Metasploit Unleashed