Its been a good experience for me by attending day-3 , the event started by Sumanth Damarla discussing the previous worksheet which was related to Network Security.
The topics discussed were :
- Click tracking
- X-ray frame option
- Port 80 & Port 443
- HTTP & HTTPS
- Privilege level
- Third party API function
- Click tracking – The web browsing history refers to the list of web pages a user has visited recently.
- X-ray frame option – The X-Frame options like deny, sameorigin and allow through(url) , which are methods to prevent the clickjacking attacks
- Port 80 and Port 443 – Port 80 is used for HTTP which is an insecure normal connection and the Port 443 is used for secured connection of HTTP over a Secure sockets layer.
- Http & Https – The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed hypermedia information systems, and it is foundation of data communication for the World Wide Web. Https – it is everywhere a browser like Firefox & Chrome and it is extension where it encrypts our communications with many websites, making your browsing more secure.
- Privilege level – A privilege level in the x86 instruction it sets the control where the access of program is currently running on the processor to resources such as memory regions and special instructions.
- Third party API function – We can build our own cloud code module and by integrating with third-party APIs.
- Blacklisting – Its just a method to ignore the script or data contents where we do not enter into any applications.
- Whitelisting – Its just a method of validation where we verify the given input is correct or not.
After discussing the work-sheet , the workshop began on to the Securing Web @ZAP day-3
Sudarshan started describing about OWSAP Summer Code Sprint 2015 by , and it was a bit interesting to contribute and rewards were pretty awesome , and later on sudarshan explain the procedure and working of ZAP source code on Eclipse IDE , for developing purpose. While at installation i learned about , how to import built-in libraries and external libraries into the ZAP. After finishing the process of configuration on ZAP Source code on Eclipse IDE , we had an activity called Snakes and Ladder game.
where all participants took part of it , and we captured few moments..!