RV INSTITUTE OF TECHNOLOGY AND MANAGEMENT®

Advanced Workshop on Cyber Security and Ethical Hacking

on
“Web Security Exploitation Ethical Hacking”

Report

DATE: 13th,14th and 15th ,June 2023

TIME: 9:00 AM to 4:45 PM
VENUE: 6th Floor Seminar Hall, RVITM
Number of participants: 56

An advanced cyber security workshop was conducted by Mr. Samarth Bhaskar Bhat, Technical Director from
Reverse Engineering InfoSec” over a span of three days from 13th to 15th June 2023. The workshop aimed to
provide participants with in-depth knowledge and practical experience in various aspects of cyber security. The
topics covered during the workshop included a recap of basics with Kali Linux, hands-on sessions on website
penetration testing, and an introduction to network security using tools such as DVWA (Damn Vulnerable Web
Application), Burp Suite, and pfSense for firewall configuration.

Workshop Objectives:
The primary objectives of the workshop were as follows:
- Reinforce fundamental cyber security concepts and tools using Kali Linux.
- Provide practical exposure to website penetration testing techniques.
- Familiarize participants with various types of attacks using the Damn Vulnerable Web Application (DVWA).
- Introduce participants to Burp Suite as a web application security testing tool.
- Understand the importance of network security and learn firewall configuration using pfSense.

Workshop Content and Activities:

Day 1: Recap of Basics with Kali Linux
- Introduction to Kali Linux and its significance in cyber security.
- Overview of essential tools and commands in Kali Linux.
- Hands-on exercises to reinforce basic concepts, including network scanning, vulnerability assessment, and
password cracking.

Day 2: Website Penetration Testing with DVWA and Burp Suite

- Introduction to web application security and its importance.
- Overview of Damn Vulnerable Web Application (DVWA) and its functionalities.
- Hands-on session on website penetration testing using DVWA, covering 14 types of attacks, such as SQL
injection, cross-site scripting (XSS), command injection, and more.
- Introduction to Burp Suite as a web application security testing tool.
- Practical exercises on using Burp Suite for web application scanning, interception, and manipulation.

Day 3: Network Security with pfSense

- Introduction to network security principles and best practices.
- Overview of pfSense as an open-source firewall and router software.
- Hands-on configuration of pfSense for firewall rules, network segmentation, and VPN setup.
- Practical exercises on monitoring and analysing network traffic using pfSense.

The workshop incorporated various strategies to ensure active participant engagement and enhance the learning
experience. These strategies included hands-on exercises, group discussions, Q&A sessions, and case studies.
Participants were provided with dedicated lab environments to perform practical exercises using Kali Linux,
DVWA, Burp Suite, and pfSense. Interactive Q&A sessions were held to clarify doubts, and relevant case studies
were presented to illustrate the practical implications of the workshop topics.

This workshop proved to be a comprehensive and valuable learning experience. Participants gained a deeper
understanding of cybersecurity fundamentals, practical skills in website penetration testing using DVWA and
Burp Suite, and knowledge of network security through pfSense. The workshop's hands-on approach and
interactive sessions ensured active engagement and facilitated practical application of the concepts learned.
Participants left the workshop equipped with enhanced cybersecurity knowledge and skills to tackle modern
security challenges effectively.