Webseclab Security Education Workbench

Date Added: Jun 2010
Format: PDF

The authors have developed and tested a virtual-machine-based web security student laboratory, Webseclab, comprising a LAMP (Linux, Apache, MySQL, PHP) stack, a variety of development tools, and the three most popular browsers for the Linux platform. This environment, tested in weekly participatory labs and weekly homework, hosts a teaching framework, exercise sets and labs, and a sandboxed student development environment. Eighty incremental exercises based on recent web security research, and challenge projects based on real open-source applications, teach the major web vulnerabilities and defenses, in an encapsulated environment that allows students to experiment freely without interfering with each other or with public networks.