From skid to less than skid: Fraq learns to hack webapps

fraq · February 23, 2017, 9:41pm

Okay, I’ve spent a while doing security but very little of it focused on web apps. Like, almost none. As a sys admin, I’m more concerned about hardening my OS and learning fun things like buffer overflows and interesting network attacks.

That said, I find myself in a position now where I need to learn a lot more about web apps and learn it fast. I’m going to assume I’m starting from the bottom here and will let you tag along as I explore this area.

There isn’t really any content for this post other than to let y’all know I’ll be talking like a noob for the next few weeks.

First adventure: finding an XSS by accident

oaktree · February 23, 2017, 10:11pm

Are you going to focus on PHP, JS, what?

fraq · February 23, 2017, 10:12pm

The app I’ll be working against is mostly JS

VVid0w · February 23, 2017, 10:15pm

I’ll be looking forward to seeing how you progress as well as following you along in your journey!

_py · February 23, 2017, 10:23pm

Should we expect browser exploit demos later on?

ricksanchez · February 23, 2017, 10:58pm

Sounds good. I don’t know much about webapps so i hope to learn a thing or two as well here!

fraq · February 23, 2017, 11:09pm

If I get that far

Kage · February 24, 2017, 6:48pm

Really good idea, I’ll definitely keep reading your articles, thanks in advance.

dtm · March 2, 2017, 7:49am

Keen. Currently sitting in my first websec lecture.

fraq · January 21, 2018, 12:41am

This topic was automatically closed after 30 days. New replies are no longer allowed.