Vol 19 no.2 2019

Umut GULEC1, Valeriu Manuel IONESCU2

1University of Selcuk, Turkey, 2University of Piteşti, Romania

Abstract

In universities that teach computer network courses, the main focus is placed on identifying the security threats and placing the correct countermeasures for preventing security attacks. There are only few universities that analyze how an attack is actually performed in order to allow the students to draw their conclusions on the resources, skills and motivation for making that attack successful. This paper presents the steps used in creating a hands-on security laboratory by using Mutillidae (as a vulnerable website), Burp Suite (as attacking tools) and SQLmap for attack automation, with accent on the SQL Injection method.

Full Text:

PDF