Monthly Archives: October 2021

Web Application Security: SQL Injection Attacks In this lab we walk through the sql injection exercise on the Damn Vulnerable Web Application in low, and medium and as a bonus I did the high security level as well.

This lab focuses on network forensics. We analyze a packet capture to retrieve HTTP requests, and websites visited as well as identify a few emails that were sent and carve our an image attachment from one of the emails.

This week we use msfvenom to tailor an exploit with a payload to target a vulnerable Windows 7 box and establish a reverse shell in Metasploit.

In this lab we use nmap to find open ports on a vulnerable Windows machine, and then use Metasploit to identify a module to target the open port/service to DoS the box.

In this lab we take a look at how Snort rules are written and configured, as well as how to make use of them when they are noisy. We then look at iptables, and configure a local host-based firewall to … Continue reading →