Texas State Working Connections
Summer 2023 Cyber Buffet

July 17-21, 2023

Sam Bowne


To join the class:

Monday: Securing Web Applications

Practice finding, exploiting, and preventing the most important vulnerabilities in modern web applications, including SQL injection, command injection, broken authentication, Cross-site scripting, CSRF, SSRF, and many more, using the Burp suite and the Web Security Academy.

Tuesday: Securing APIs

Insecure Application Programming Interfaces (APIs) are responsible for many critical security breaches, because they operate in the background, and are not visible to end users. We will explore two insecure APIs covering the OWASP API Top Ten vulnerabilities and hack them using Postman and Burp.

Wednesday: Attack Techniques

Covers essential skills for penetration testing, including command-line operations, SQL injection, port scanning, packet crafting, password cracking, using and developing Metasploit modules, and more.

Thursday: Network Security Monitoring with Splunk

We will cover the essential functions of Splunk, the leading Security Information and Event Management (SIEM) tool, and use it to analyze attacks including brute-forcing a login, malware injection, and ransomware.

Friday: ARM Assembly and Exploitation

We will prepare ARM emulators and use them to write ARM code and exploits, including assembly, disassembly, and debugging. We will use both Metasploit and manually-written shellcode to exploit vulnerable ARM applications.

Last Updated: 3-9-23 1:25 pm