We will create an extension to the security testing software Burp Suite, practice hands-on web application hacking, and actively develop habits to stay up to date on cutting edge security issues.
One option is to try to extract API calls from traffic history to get a quick overview of the APIs that have been called. This would involve parsing the HTTP traffic history for Burp Suite and finding unique API routes. Additionally, we may parse and show the different types of errors returned (500s, 400 Bad Request, etc.) to get a holistic view of the APIs used by the application and how they handle a variety of inputs.
This project will start off with some hands-on web application hacking on the CMD + CTRL Cyber Range platform. Students will also do a weekly roundup of cyber security news relevant to their interests in order to get into the habit of staying up to date in the field.
What tools did you use to create your project?
How much experience does your group have? Does the project use anything (art, music, starter kits) you didn't create?
CodeDay Labs team in the advanced track.