SOPH LAB IN APPLIED COMPUTING
Security Training Platforms Pt. 1
By Li-Wey Lu
Agenda
Homework
Quiz
Assignment Drop
Security Training Platforms
Next Week
Homework
Homework – Due Next Week
Create a Python script that solves http://10.15.1.10:8080/injection/lab_3/index.php
pip install requests
Use the uploaded template to help get you started
OR
Find three more vulnerabilities in CandyPal (http://10.15.1.10:9090)
Provide the following per vulnerability:
Name
Image
Description
Quiz
Quiz – Answers
Q1. Which of the following is not a type of Cross-Site Scripting?
A1. Mirrored
Q2. What does SOP stand for?
A2. Same Origin Policy
Q3. What does CORS stand for?
A3. Cross-Origin Resource Sharing
Q4. Cross-Site Scripting attacks can only be performed against HTTP GET requests
A4. False
Q5. SOP looks at the protocol, host, and port
A5. True
Assignment Drop
Assignment Drop – Overview
Lowest homework score will be dropped
Lowest quiz score will be dropped
Security Training Platforms
Security Training Platforms – DVWA
NAME: Damn Vulnerable Web Application (DVWA)
DETAILS: Link
USERNAME: admin
PASSWORD: password
Security Training Platforms – WebGoat
NAME: OWASP WebGoat
DETAILS: Link
URL: http://10.15.1.10:8083/WebGoat
USERNAME: Register New User
PASSWORD: Register New User
Next Week
Topic:
Security Training Platforms Pt. 2
Assignments:
Week 5 Homework
Week 5 Quiz