<h1>Web 102</h1>
<p><strong>Date</strong>: 2022-11-23</p>
<p><strong>Difficulty</strong>: Intermediate</p>
<p><strong>Delivered By</strong>: Chris Taperell</p>
<h2>Overview</h2>
<p>This session builds on the content we covered in
<a href="https://sucss.org/events/22-23/web101">Web 101</a>. We will cover the "Big Three"
of web vulnerabilities and other attacks with some hands on challenges
including command injection, SQL injection (SQLI) and Cross Site Scripting (XSS).
Some familiarity with <a href="https://portswigger.net/burp/communitydownload">Burp Suite</a>
is useful, although we will give a quick refresher on it in the session.</p>
<h2>Prerequisites</h2>
<p>Familiarity with topics from <a href="https://sucss.org/events/22-23/web101">Web 101</a>
will help in this session, including:</p>
<ul>
<li>HTTP/HTTPS</li>
<li>HTML</li>
<li>Inspect Element and Burp Suite</li>
</ul>
<p>Knowledge of SQL will also be useful for some challenges.</p>
<p>You will need <a href="https://portswigger.net/burp/communitydownload">Burp Suite</a> (or
similar tools) installed for some challenges.</p>
<h2>Session Link</h2>
<p>The session can be accessed at <a href="https://web102.sucss.org">https://web102.sucss.org</a></p>
<h2>Useful resources</h2>
<ul>
<li><a href="https://sucss.org/docs/burpsuite">Burp Suite Setup Guide</a></li>
<li><a href="https://sucss.org/docs/sql">SQL Introduction</a></li>
</ul>
