The Information Security workshop intends to disseminate information and create awareness about web and network applications security.
The workshop will cover Web Application Security (OWASP 2013 Top Ten) and Network Security using Nmap and Metasploit.
This workshop is open to anyone with an interest in Information Security and to students / freshers who want to learn the basics of Web Application Security and Network Security. This workshop will be conducted for women participants only.
The main objective of this workshop is to reach out to women in technology, and get them to actively participate in security conferences and community meetups.
Shruthi Kamath and Apoorva Giri will conduct this workshop. They have conducted workshops of this nature in the past, and have an interest in promoting awareness about security issues in the community.
This workshop is free to attend.
Date: 17th January, 2015 Venue: HasGeek House No. 2699, 19th Main, 5th Cross, Indiranagar HAL 2nd Stage, Bangalore - 560008
Registrations are open at: https://in.explara.com/e/info-sec-workshop
For more details, contact firstname.lastname@example.org
The instructors will explain the different types of attacks on Web Applications and Network Applications with the help of demos. Participants will follow the instructors on their laptops.
The following topics will be covered in this section:
- Network Scanning using Nmap.
- Exploitation of vulnerable services using Metasploit
- OWASP Top 10 for Web applications
A2-Broken Authentication and Session Management
A3-Cross-Site Scripting (XSS)
A4-Insecure Direct Object References
A6-Sensitive Data Exposure
A7-Missing Function Level Access Control
A8-Cross-site Request Forgery (CSRF)
A9-Using Components with Known Vulnerabilities
A10-Unvalidated Redirects and Forwards
• A laptop with Admin privileges.
• At least 10 GB of free space.
• Minimum 2GB Ram.
• Operating System any of the following: OSX , Win 7 and above, Ubuntu 12.0.4.
• VMware OR VirtualBox 4.x.x installed.
• Kali OS iso from https://www.kali.org/downloads/
• Download OWASP BWA version 1.1.1 from http://sourceforge.net/projects/owaspbwa/files/
Apoorva Giri works as a Security Analyst with iViZ Security (a Cigital company). She has presented a workshop on “Cyber Security and Ethical Hacking for Women” at c0c0n 2014at Kochi, Kerala. Her interests lie in Web Application Security and Mobile Security. She’s an active member of Null/OWASP Bangalore Chapter. She has been listed on the Barracuda Hall of Fame for finding vulnerabilities on their application.
Shruthi Kamath works at Infosys Limited. She is a certified Ethical Hacker from EC Council. She has presented a workshop on “Cyber Security and Ethical Hacking for Women” at c0c0n 2014. She has conducted a one day workshop on “OWASP TOP 10” at Null Bangalore chapter. She has presented on “Secure SDLC” at c0c0n Conference 2013.She has participated at Jailbreak NULLCON 2014. She presented a talk on “Cybercrimes in India and its Mitigation” at the National Conference for Women Police held at Trivandrum. She is an active member of Null/OWASP Bangalore Chapter. Her area of interest is Web Application Security.