| Authentic | True |
| Event | Hands-on Web Security |
| Name | Mahesh Badge |
| Date | June 15-23, 2024 |
| Coordinator | Prof. Kameswari Chebrolu |
| Dean | Prof. Siddhartha Ghosh |
Course Content
- Module 1: Web Background delves into foundational topics such as web page structure, browser internals, server internals, web protocols and session management.
- Module 2: Server Side Attacks and Defense covers critical threats like SQL injection, SSRF, authentication, access control, file upload vulnerabilities, path traversal, command injection and DDOS.
- Module 3: Client Side Attacks and Defense addresses threats such as CSRF, XSS, CORS, Clickjacking and Web sockets.
- Module 4: Miscellaneous Topics include web security landscape, application firewalls, third-party code risks, Web LLM attacks and subdomain take over.
Practical sessions cover many of the above attacks and will equip participants with hands-on experience in launching attacks. ZAP and Firefox developer tools are also covered to assist participants in performing above attacks.