Practical Web Application Exploitation

Presented at BSidesSLC 2017 by

Limited capacity, filling up: https://www.bsidesslc.org/signup.html

This is a hands-on practical workshop in which you will be attacking old vulnerable versions of popular web applications. This workshop will teach you the thought process and practical skills necessary to begin performing web application security assessments at a professional level. You will be taught how to efficiently identify, exploit, and document several of the most prevalent web vulnerabilities. We will also learn how these vulnerabilities can be remediated.

We will delve into topics such as: SQL Injection (SQLi), Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and External Entity Injection (XXE). We’ll also briefly cover parameter manipulation, functional access control, and filter evasion.

This workshop is aimed at beginners with a background in technology. If you can install a virtual machine on your computer, know a few Linux shell commands, and have some exposure to technologies such as PHP and MySQL, then you’re the perfect candidate. If you’ve already started delving into web exploits and simply want to learn how to work more efficiently, even better (but not a requirement!). If you haven’t done any of the above, this workshop will have a bit of a learning curve and may require some independent study beforehand.