Web security presentation

For this assigment, you'll create a short presentation (no more than 8 minutes, so there's a couple minutes left over for questions) about a particular type of web vulnerability.

See Slack for your small group assignment and your topic.

The topics

• Directory traversal
• Local file inclusion (distinct from but similar to directory traversal)
• Remote file inclusion
• Command injection
• File upload attack
• SQL injection

What your presentation should include

• a demo using Kali as the target and your host computer as the attacker

  • if you need a server-side programming language, please use PHP (as opposed to python, node.js, etc.)
  • use postgres if your vulnerability requires a database
• an explanation of how your vulnerability works
• a rough explanation of what you needed to do to set up your demo