Completion of our first haXX course with SEEK

Completion of our first haXX course with SEEK

Shea Information Security has successfully delivered our first outreach programme to support women in technology with SEEK. Between February and May 2019, we successfully run a series of evening classes on web hacking and we were delighted to have received 96 applications for 20 spots!

What is haXX?

haXX is an ethical hacking learning group for women trying to break into the technical security field. Founded by Pamela O’Shea, it provides hands on security classes for women with a burning desire to be in the technical security field with varying levels of technical experience.

What did the course cover?

We assumed no prior penetration testing experience and kicked off with information gathering and how an attacker targets a company and its employees.

The rest of the course focused on the most common web application security vulnerabilities and participants were taught how to identify if issues existed in a web application and how to exploit the issues in order to gain control of a customer’s computer or a server.

Topics covered included Cross-Site Scripting (XSS), SQL Injection (SQLi), insecure direct object references (iDOR), insecure file uploads, XML external entity (XXE) attacks, deserialisation attacks, strategies for competing in bug bounties and capture the flags (CTFs).