• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

  • Secure360 TC
  • Keynotes
  • FAQs
  • Secure360 Sponsors

Hacking Workshop: Twin Cities vs. OWASP Juice Shop (FULL DAY)

In this workshop you can test your skills in hacking modern web applications against the OWASP Juice Shop! There are 47+ challenge that are waiting to be solved, ranging from simple functional problems and the usual XSS/SQLi issues over severe authentication flaws to multi-step & multi-path attacks against the discount coupons issued by the application! How many challenges can you beat? During the workshop you can get some first-hand hints in case you get stuck. At the end of the workshop there will be a demo of some of the more mindboggling challenges – but only for those, who don’t want to solve them on their own later!

Intended audience: Developers and pentesters with at least basic understanding of common web application vulnerabilities

Skill level: The workshop does not assume an in-depth knowledge of software security.

Requirements:
– laptop with OWASP Juice Shop installed using one of the setups described in https://github.com/bkimminich/juice-shop#setup
– internet browser with some API testing plugin (e.g. PostMan for Chrome)
– (optionally) any kind of pentesting tools

Key learning points:
  • Let loose your pentesting skills against a 100%-Javascript webapp.
  • Experience multi-stage attacks on a modern web application.
  • Go way beyong OWASP Top 10-listed vulnerabilities.

About Björn Kimminich

Björn Kimminich works as an IT architect and application security officer for Kuehne + Nagel. On the side, he gives IT Security lectures at the non-profit private university Nordakademie. Kimminich also is the project leader of the OWASP Juice Shop and a board member for the German OWASP chapter.

Primary Sidebar

Details

Thursday May 17, 2018
9:00 AM - 3:00 PM
200IJ
Level: Intermediate

Share this page

Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Buffer this page
Buffer
Email this to someone
email

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.