27 Jul 2023 Web application fuzzing (optional)
Fuzzing a Web application’s endpoints using ffuf.
The course will have (up to) eight hands-on practical sessions in the lab. In these labs, we’ll use practical tools to explore software, hosts, networks and the Web with a view to both attack and defence.
Fuzzing a Web application’s endpoints using ffuf.
Playing with a couple of common tools used by network defenders and attackers.
An opportunity to play with practical cryptography and see how easy it is to encrypt all of a user’s files.
An opportunity to play with root privilege and try out practical password cracking tools.
Practical exploitation of a vulnerable binary using integer arithmetic and return-oriented programming.
More exploration of low-level software basics: debugging in hard mode and (a very little bit of) tampering.
A reminder and exploration of low-level software basics: building and debugging (in "easy mode", i.e., with debugging symbols).
A guide to my expectations for lab reports that you submit in this course.