This is a beginners' workshop on web application security. No prerequisites in web application security are required. A certain (web application) development background is beneficial.

  • First, we will be playing a virtual escaple the room game with challenges on a web application to get into an attacker's mindset.
  • Then follows a quick introduction to the OWASP Top 10 vulnerabilities.
  • Finally use the gathered knowledge so far to attack a vulnerable web application (https://github.com/Phylu/vulnerable-click-game) and see how these attacks can easily be prevented.

Please bring your (fully charged) laptop to be able to participate.