Security Workshop


Let’s venture into the world where “small” security mistakes can have a big impact, and where one simple mistake can affect the whole system. It’s time to dive into the rabbit hole of XSS, CSRF, and SQL injection.

This workshop will take place on Thursday, February 21, at the SolarWinds Brno office. We’ll focus on hacking techniques, how to use XSS, CSRF, and SQL injection against web applications, and how to prevent these attacks.

Agenda:

XSS

  • Introduction
  • Classification/Types:
    • Reflected
    • Stored
    • DOM-based
  • Tools
  • Examples
  • Recommendations
  • Q&A

Cross-Site Request Forgery

  • Introduction
  • Classification/Types:
    • Reflected
    • Stored
    • DOM-based
  • Tools
  • Examples
  • Recommendations
  • Q&A

SQL Injection

  • Introduction
  • Types:
    • In-band SQLi (Classic SQLi):
      • Union-based
      • Error-based
    • Inferential SQLi (Blind SQLi):
      • Boolean-based (content-based)
      • Time-based
    • Out-of-band SQLi
  • Tools
  • Examples
  • Recommendations
  • Q&A