Event

Der Hub wird spätestens Ende Januar archiviert, alle nutzerbezogenen Inhalte, Boards und auch einige Wiki-Seiten werden dabei entfernt. Alle öffentlichen Assemblies, Projekte und Veranstaltungen bleiben. // The hub will be archived by end of January. All user-provided content, boards and several wiki pages will be deleted. All public assemblies, projects and events will remain.

23:00
-
00:20

Day 2

Pwn Basics - Hacking Web Applications for Beginners

SoS Stage H

Dr. Affe

English

not recorded

Self-organized Session

UPDATE: You can download the workshop slides here: https://janosch-braukmann.de/wordpress/wp-content/uploads/2025/12/39C3_Pwn_Basics.pdf

This is a beginners' workshop on web application security. No prerequisites in web application security are required. A certain (web application) development background is beneficial.

First, we will be playing a virtual escape the room game with challenges on a web application to get into an attacker's mindset. Then follows a quick introduction to the OWASP Top 10 vulnerabilities (2025 Release Candidate). Finally use the gathered knowledge to attack a vulnerable web application (https://github.com/Phylu/vulnerable-click-game) and see how these attacks can easily be prevented.

Please bring your (fully charged) laptop to be able to participate.

Theme

Event

Theme