Intro to Cybersecurity: Web Penetration Testing from First Principles: In this dynamic and engaging course designed especially for high school students, we will take students on an interactive adventure into the realm of web penetration testing, where they will learn to think and act like cybersecurity professionals. This course will open and expand on students knowledge from Web development and Python programming courses. Students will engage in an interactive Capture the Flag (CTF) challenge that specifically focuses on web penetration testing. This game-based approach to learning makes the process more enjoyable and engaging for students. Using Web Emperor CTF, students will take on the role of ethical hackers tasked with securing a vulnerable web application. Students will be tasked with protecting "Kova Bank" (not a real bank) which has several vulnerabilities typical of real-world web applications.
The objective is to discover, exploit, and secure vulnerabilities within Kova Bank while following ethical hacking principles. Students will earn points for each successful exploitation and patching of vulnerabilities.
Students will learn about:
- Web Application: Critical components like login pages, user profiles, and a simulated online banking system.
- Vulnerabilities: Explore vulnerabilities like SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and insecure authentication mechanisms.
- Scoreboard: Track your progress, showcasing individual or team scores based on the number of vulnerabilities successfully exploited and patched.
- Reporting: Students will submit simple reports explaining the vulnerabilities they found, how they were exploited, and the recommended fixes to fosters documentation and communication skills.
LUNCH: Students staying for full day or for both morning and afternoon sessions can bring or buy their lunch. All students will eat lunch on Campus in The Commons, a small food court.
