Don't like this style? Click here to change it! blue.css
Welcome .... Click here to logout
Discord Hacking Project
So this is a light paradigm shifting project. You each made
a somewhat meaningful web app. Many of you are sure it's full
of security holes. As we pivot to the security half of the
class this will be a little exercise in quality assurance.
Here is some guidance:
You have swapped codebases with a partner. You are on the same team.
The goal is to give them a write-up of what they need to fix.
If you discover some true vulnerabilities then write them up and maybe
take some screen shots of a working exploit of some kind.
Examples of working exploits include gaining access to
data/abilities your account shouldn't have access to; code injection;
deleting/editing/accessing the database directly; ability to take down or deface the site
Your hacking skills might be weak or their security strong.
In that case you might think you don't have much to say.
If you can't make an exploit then write-up what you tried and how they protected against it.
Also you can add advice about their code quality to help code maintenance or usability.
Give your write-up to your partner and me on November 1st.