
<!DOCTYPE html>

<html>

  <head>


    <meta http-equiv="content-type" content="text/html; charset=UTF-8">

  </head>

  <body>

    <div class="moz-forward-container">

      <p>Greetings Colleagues,</p>

      <p>Kindly find details for the AIS CSIRT track that will be held

        on Friday 26th September 2026.</p>

      <p><a class="moz-txt-link-freetext"

          href="https://africacert.app.box.com/notes/1994593701321"

          moz-do-not-send="true">https://africacert.app.box.com/notes/1994593701321</a></p>

      <p style="font-size: 12pt" data-pm-slice="1 1 []"><span

          style="font-size: 18pt"><strong><span>Tutorial: Investigating

              Web Attacks to Assess Cyber Risks</span></strong></span></p>

      <p style="font-size: 12pt"><span style="color: #1A237E"><span>Attack

            & Detect – Fully Hands-On Training</span></span></p>

      <p style="font-size: 12pt"><span>Instructor: Eric Sowah Badger

          (OSCP+, CRTO, PNPT, CRTP, eWPTX)</span></p>

      <p style="font-size: 12pt"><span>Date: 26 September</span></p>

      <p style="font-size: 12pt"><span>Time: 09:00 – 11:00 AM (Accra

          Time)</span></p>

      <p style="font-size: 12pt"><span>Format: Live via Zoom &

          Discord</span></p>

      <h2 id="g-mfws1r1i"><span>🔎 What You’ll Learn</span></h2>

      <p style="font-size: 12pt"><span>• Overview of web attack

          techniques</span></p>

      <p style="font-size: 12pt"><span>• Latest cyber attack trends</span></p>

      <p style="font-size: 12pt"><span>• Understanding webserver logs</span></p>

      <p style="font-size: 12pt"><span>• Steps to analyze and interpret

          logs</span></p>

      <p style="font-size: 12pt"><span>• Best practices for log

          management</span></p>

      <p style="font-size: 12pt"><span>• Assessing risk impact</span></p>

      <h2 id="g-mfws1r1j"><span>🛠️ Hands-On Lab Work</span></h2>

      <h3 id="g-mfws1r1k"><span>Attack Lab</span></h3>

      <p style="font-size: 12pt"><span>• SQL Injection</span></p>

      <p style="font-size: 12pt"><span>• Local File Inclusion (LFI)</span></p>

      <p style="font-size: 12pt"><span>• Insecure Direct Object

          Reference (IDOR)</span></p>

      <p style="font-size: 12pt"><span>• File Upload → Reverse Shell</span></p>

      <p style="font-size: 12pt"><span>• Cookie Manipulation (Auth

          Bypass)</span></p>

      <p style="font-size: 12pt"><span>• Command Injection</span></p>

      <h3 id="g-mfws1r1l"><span>Detection Lab</span></h3>

      <p style="font-size: 12pt"><span>• Setup of ELK Stack (SIEM)</span></p>

      <p style="font-size: 12pt"><span>• Detecting web attack activity</span></p>

      <p style="font-size: 12pt"><span>• Triage & investigation of

          alerts</span></p>

      <p style="font-size: 12pt"><span>• Mitigation strategies</span></p>

      <p style="font-size: 12pt"><span>• Reporting & documentation</span></p>

      <h2 id="g-mfws1r1m"><span>🎯 Who Should Attend</span></h2>

      <p style="font-size: 12pt"><span>• Web Developers & AppSec

          Engineers</span></p>

      <p style="font-size: 12pt"><span>• SOC Analysts & Incident

          Responders</span></p>

      <p style="font-size: 12pt"><span>• Security Students &

          Professionals</span></p>

      <p style="font-size: 12pt"><span>• SysAdmins & DevOps Teams</span></p>

      <h2 id="g-mfws1r1n"><span>📌 Logistics</span></h2>

      <p style="font-size: 12pt"><span>🔗 Zoom Link: </span><a

href="https://events.zoom.us/ev/As8ByvKeu6lHwS_GKbAOvK0sqrCD42ynV1C3090tByZDFo33PDnU~AkfEbC9W06eQ-CroCn7grRkZ2Bgcx6pJrInatUgRzyEJPuLt827joNLFYg"

          target="_blank" rel="noopener noreferrer nofollow"

          data-attrib-id="link-aae0adac-44d7-4e64-965a-89bd7a25c2a2"

          moz-do-not-send="true"><span>https://events.zoom.us/ev/As8ByvKeu6lHwS_GKbAOvK0sqrCD42ynV1C3090tByZDFo33PDnU~AkfEbC9W06eQ-CroCn7grRkZ2Bgcx6pJrInatUgRzyEJPuLt827joNLFYg</span></a></p>

      <p style="font-size: 12pt"><span>💬 Discord Channel: </span><a

          href="https://discord.gg/TrKwgxYD" target="_blank"

          rel="noopener noreferrer nofollow"

          data-attrib-id="link-0b52dea6-7439-47c0-8de6-f351613416ee"

          moz-do-not-send="true"><span>https://discord.gg/TrKwgxYD</span></a></p>

      <p style="font-size: 12pt"><span>📑 Slides, Platform link &

          Materials: Shared after registration</span></p>

      <p style="font-size: 12pt"><span style="color: #C21807"><strong><span>🔥

              Don’t just learn about web attacks—experience them, detect

              them, and learn how to defend against them.</span></strong></span></p>

      <p style="font-size: 12pt"><span style="color: #C21807"><strong><span> </span></strong></span></p>

      <p style="font-size: 12pt"><span style="font-size: 18pt"><strong><span>AIS,

              AfNOG, AfricaCERT & FIRST Cyber Drill</span></strong></span></p>

      <p style="font-size: 12pt"><strong><span>Time: 11:00 AM – 05:00 PM

            (Accra Time)</span></strong></p>

      <p style="font-size: 12pt"><span>The Cyber Drill is a joint

          initiative by AfricaCERT, AfNOG, CTFROOM, AIS, and FIRST

          through the Africa Regional Liaison Initiative.</span></p>

      <p style="font-size: 12pt"><span> </span></p>

      <p style="font-size: 12pt"><span>Objectives</span></p>

      <p style="font-size: 12pt"><span>·      Strengthen the capability

          of cybersecurity teams, system administrators, and network

          engineers who operate and secure Africa’s internet

          infrastructure.</span></p>

      <p style="font-size: 12pt"><span>·      Provide a hands-on,

          team-based learning experience focused on real-world cyber

          resilience.</span></p>

      <p style="font-size: 12pt"><span>·      Foster collaboration

          across the African internet and cybersecurity community by

          engaging diverse stakeholders in a practical pre-event to

          AIS’25</span></p>

      <p style="font-size: 12pt"><span> </span></p>

      <p style="font-size: 12pt"><strong><span>Event Details</span></strong></p>

      <p style="font-size: 12pt"><span>·      Format: Virtual,

          team-based cyber drill</span></p>

      <p style="font-size: 12pt"><span>·      Date & Time: Friday,

          26th September 2025 | 11:00 AM – 5:00 PM UTC</span></p>

      <p style="font-size: 12pt"><span>·      Registration Period: Opens

          19th September, 3:00 PM UTC | Closes 26th September,</span></p>

      <p style="font-size: 12pt"><span>·      Discord: </span><a

          href="https://discord.gg/TrKwgxYD" target="_blank"

          rel="noopener noreferrer nofollow"

          data-attrib-id="link-6f96d238-aa49-4dcf-9b12-34b0efa0ba93"

          moz-do-not-send="true"><span>https://discord.gg/TrKwgxYD</span></a></p>

      <p style="font-size: 12pt"><span>·      Event Platform Link:

          Register & Join - </span><a

href="https://africacert.ctfroom.com/event/africacert_first_cyberdrill_68cc2a78b70f4"

          target="_blank" rel="noopener noreferrer nofollow"

          data-attrib-id="link-04d6dc9f-10b0-484b-bd28-e25b9f9f04de"

          moz-do-not-send="true"><span>https://africacert.ctfroom.com/event/africacert_first_cyberdrill_68cc2a78b70f4</span></a></p>

      <p style="font-size: 12pt"><span>For details: <a

            class="moz-txt-link-abbreviated moz-txt-link-freetext"

            href="mailto:secretariat@africacert.org"

            moz-do-not-send="true">secretariat@africacert.org</a></span></p>

    </div>

  </body>

</html>