Welcome to the Disobey Web App Hacking Workshop

Some instructions

1. read the introduction about the workshop: ( https://www.dropbox.com/s/8j2i8ea6p05ndy9/anttivi-Disobeywebapplicationhackingworkshop-110118-1049-191.pdf?dl=0)
2. give us your IP to open up the firewall
3. Install a HTTP proxy. Here are instructions for ZAP: (https://www.dropbox.com/s/isps6z89lt4gpv4/OK-OWASPZAPinstallation-110118-1032-189.pdf?dl=0)
4. Start hacking (you can start without the proxy.)

• Target 1, the minimal and easy one: http://34.241.53.48:5000
• Target 2, Google Gruyere: https://google-gruyere.appspot.com/start

How to hack?

• Ask for help and clarifications if necessary.. but first, do & try & try again.
• There are more than one way of discovering and exploiting things..
• Don't crash the server if you figure out a way to do it.

Afterwards

• Continue with Google Gruyere
• Hack something else too, like OWASP Juice Shop
• Go for bug bounties perhaps?
• If you are a developer, learn more about hacking and make better software for us all.
• Need a job? apply at https://www.solita.fi/avoimet-tyopaikat/