There'll be no preamble this week, I want to get straight to the point.
This Week's Event
Malicious Requests: Defacing Dr Plump's Website
Thursday 21st November 17:00 - 19:30 @ CSE/270
This week we're going to be exploring website security by (cough) reverse-engineering an existing website. You'll have the chance to attack the website of a fictitious cosmetic surgeon called Dr Fergus Plump using techniques such as SQL Injection, client request modification and observing secrets. Examples of tasks we'll look at: revealing hidden negative reviews, getting free treatments and deleting all appointments from his schedule. I emphasize that such techniques should be practised with consent only and that this session is purely for educational purposes to help you better understand how to secure your own websites against similar attacks.
I've been talking about this event for weeks and it has taken me a lot of time to plan so I really hope you can join us in CSE/270 @ 17:00 on Thursday 21st November. Drop in at any time, even if you can't get there at 17:00. There will be content for all ability levels and so hopefully you'll have fun whether or not you've done this before. Membership is never required.
Have a good week,
Will & The YorDevs Team
