This 90-minute virtual workshop will explore simple web application attacks that can occur against social media accounts, online bank accounts, learning management systems, etc. Attendees will perform these attacks as both the malicious attacker and victim using. They will learn how these attacks work as well as how they can defend themselves against these attacks. This workshop will utilize two web applications: DVWA and Juice Shop.
The following Labs are covered in this workshop:
- Command Injection Lab
- Metadata La
- SQL Injection (DVWA) Lab
- SQL Injection (Juice Shop) Lab
- XSS DVWA Lab
- XSS Juice Shop Lab
Prerequisites & Participant Requirements: Due to grant funding restrictions, this workshop is only open to K-12 educators in the US. This workshop is geared towards beginners. If you have never used Linux before, you may find it helpful to complete the Linux 101 (October 25) and Linux 102 (November 11) workshops beforehand.
Participants will receive access to online curriculum materials as well as a temporary log-in to the U.S. Cyber Range. We recommend having two screens available if possible: one for the Zoom meeting (this can be a tablet or a desktop/laptop) and one for the cyber range (must be a desktop or laptop).
***PLEASE NOTE TIME IS CST***