Web Hacking 101

Why spend all your time corrupting and controlling memory when you can type some text into your browser and get access to your target's data? The growing complexity of web applications, the increasing data stored behind them, and the low awareness and understanding of web security vulnerabilities are creating a situation that is well-suited for exploitation. Joe Hemler will explain some of the most common vulnerabilities in web applications in this video.

[homework to be filled in soon]

One last thing: the InfoSec industry likes to make up a lot of terms, and there is a surplus of attention-grabbing folks who try to coin them. Somebody made up this whole "Type 0", "Type 1", etc. naming scheme for XSS and placed it in Wikipedia. Nobody in the industry uses these terms and you'll likely be ridiculed if you use them. My personal preference is "Transient" and "Persistent" for the two types we discussed in the video. XSS != Diabetes.

Reading Material

Web Hacking 102

The public video for Web Hacking 102 had to be cut down because it contains answers to the homework assigned during the previous week. The remaining hour of video is kept under password protection and is made viewable only during the last week of the semester.

There is no homework for this week of class.

Reading Material