Skip to content

NUSGreyhats/Web-Security-Workshop-2022

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
LFI
LFI
 
 
OS Cmd Inj
OS Cmd Inj
 
 
SQLi
SQLi
 
 
XSS
XSS
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Readme.md
Readme.md
 
 
Solution.md
Solution.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

Web Security Workshop

A simple web security workshop to discuss the fundamentals of different web vulnerabilities

Quick start

  1. Clone this repo
  2. cd into the repository
  3. Run docker-compose up

The challenges should be up now at the following addresses:

Local File Inclusion

  1. Basic: localhost:3000
  2. Exporting Data on Inspector Gadget: localhost:3001

SQL Injection

  1. Basic: localhost:3002
  2. Worker's Union: localhost:3008

XSS

  1. Basic: localhost:3003
  2. Getting the Staff cookies: localhost:3004
  3. Getting the admin: localhost:3005

OS Command Injection

  1. Basic: localhost:3006
  2. Safe-Cmd: localhost:3007

Prerequisites

  1. Docker

Resources to go with this repo

  1. Slides
  2. Burp Suite

Topics

  1. Cross Site Scripting
  2. Local File Injection
  3. OS Command Injection
  4. SQL Injection

For solutions refer to

  1. Solution.md

About

A Web Security Workshop by NUS Greyhats

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

5 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages