UPDATE: You can download the workshop slides here: https://janosch-braukmann.de/wordpress/wp-content/uploads/2025/12/39C3_Pwn_Basics.pdf
This is a beginners' workshop on web application security. No prerequisites in web application security are required. A certain (web application) development background is beneficial.
First, we will be playing a virtual escape the room game with challenges on a web application to get into an attacker's mindset. Then follows a quick introduction to the OWASP Top 10 vulnerabilities (2025 Release Candidate). Finally use the gathered knowledge to attack a vulnerable web application (https://github.com/Phylu/vulnerable-click-game) and see how these attacks can easily be prevented.
Please bring your (fully charged) laptop to be able to participate.