This scenario will require students to understand how web forms are attacked, what their vulnerabilities are, and how people and bots exploit them. This should give students a good understanding of what they need to test for on their proposed platform. As well as investigating the obvious XSS and SQL injection, this should go much deeper and look at coding best practices, data storage issues and hacker mentality (why they hack, how they hack and how they think).
On successful completion of the scenario, students will be able to:
This page provides the resources for students to be able to complete the scenario as members of a small team facilitated by a tutor. The resources consist of an introductory video together with documents detailing the PBL problem statement, tasks and links to other materials that learners are expected to use to complete the tasks.
A facilitator guide and CSKE Guide to PBL provide additional information for tutors. The materials are modular, and the source is available so that they can be customized to other contexts, for example as part of an online course.
Once you have logged in or registered, you can access the full PBL documentation, including: