An event focused on web security. Every week, we work our way through the PortSwigger Academy topics list and (try to) solve a few labs! The event currently only happens in person and mostly in German, but we will accommodate any requests for English.
If you want to reach out, have ideas for topics or questions around the event, feel free ping cyaniccerulean.
Here's a list of all the events giving you a brief idea on what we're doing:
Has description | |
---|---|
Web-foo/2023-02-22 | Clickjacking |
Web-foo/2023-02-15 | File Upload Vulnerabilities |
Web-foo/2023-02-08 | Information Disclosure Vulnerabilities |
Web-foo/2023-02-01 | HTTP Host Header Attacks |
Web-foo/2023-01-25 | Insecure Deserialization |
Web-foo/2023-01-18 | Insecure Deserialization |
Web-foo/2023-01-11 | Web Cache Poisoning |
Web-foo/2023-01-04 | Web Sockets |
Web-foo/2022-12-21 | Business logic vulnerabilities |
Web-foo/2022-12-14 | Authentication Vulnerabilities |
Web-foo/2022-12-07 | Authentication Vulnerabilities |
Web-foo/2022-11-30 | Authentication Vulnerabilities |
Web-foo/2022-11-23 | Authentication Vulnerabilities |
Web-foo/2022-11-16 | Authentication vulnerabilities |
Web-foo/2022-11-09 | Access control vulnerabilities |
Web-foo/2022-11-02 | Directory Traversal |
Web-foo/2022-10-26 | Server Side Template Injection |
Web-foo/2022-10-19 | OS injection |
Web-foo/2022-10-12 | HTTP request smuggling |
Web-foo/2022-10-05 | SSRF |
Web-foo/2022-09-28 | XXE |
Web-foo/2022-09-21 | CORS |
Web-foo/2022-09-14 | DOM based vulnerabilities |
Web-foo/2022-09-07 | CSRF |
Web-foo/2022-08-31 | XSS |
Web-foo/2022-08-24 | SQLi |
Web-foo/2022-08-18 | Web Basics |
other topics
- JWT
- GraphQL
- Prototype Pollution
- https://www.hackthebox.com/
(add topics at the bottom of the list)