This repository contains slides and demo code for the module on web client and server vulnerabilities.
See the demos/ sub-directory for the demo code related to web client security.
You should also install some simple webserver. I use Python 3's http.server module. To use this, first install Python 3. Then run the following command from the demos/html directory.
$ python -m http.server
For web server vulnerabilities, we will use the Damn Vulnerable Web Application. It is suggested that you install the DVWA inside a VirtualBox VM using the docker container provided at the GitHub link. Specifically, run the following command:
$ dockerhub page docker run --rm -it -p 80:80 vulnerables/web-dvwa