Detecting Web Attacks
Explore web attacks and detection methods through log and network traffic analysis.
easy
60 min
78
To access material, start machines and answer questions login.
Web attacks are among the most common ways attackers gain entry into target systems. Public-facing websites and web applications often sit in front of databases and other infrastructure, which are appealing targets for attackers. In this room, you’ll learn how to identify these threats using practical detection methods and industry-standard tools.
Objectives
- Learn common client-side and server-side attack types
- Understand the benefits and limitations of log-based detection
- Explore network traffic–based detection methods
- Understand how and why Web Application Firewalls are used
- Practice identifying common web attacks using the methods covered
Prerequisites
Web attacks encompass a wide range of techniques. In this room, you will cover a brief overview of several common attacks before learning how to detect them. To get the most out of the exercises, you should have a foundational understanding of these attack types and some familiarity with analyzing logs and packet captures.
- OWASP Top 10 covers the ten most critical web security risks
- Complete Intro to Log Analysis for an overview of logs and useful indicators
- Wireshark: The Basics provides a great introduction to packet capture analysis
Set up your virtual environment
I understand the learning objectives and am ready to learn about detecting web attacks!
{
"@context": "https://www.schema.org",
"@id":"https://tryhackme.com/#website",
"isPartOf":"https://tryhackme.com/#organization",
"@type": "WebSite",
"name": "TryHackMe",
"alternateName": "THM, Try Hack Me",
"url": "https://tryhackme.com/",
"description": "TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!"}