Hack Glasgow 2026

Liam Follin (gr4y-r0se)

Liam was a Dual CHECK Team Leader and is now a Principal Security Researcher at a global bank, but really just a nerd with a love of hacking web apps. He loves writing tools, training pentesters, and nice Irish whiskey. Not necessarily in that order.


Sessions

08-15
10:30
55min
Scientific Hooliganism: The History of Hacking
Liam Follin (gr4y-r0se)

We focus so much on the next great exploit, when have we looked back to see where we come from? Let me take you on a journey back through time, to the first 'hack' ever pulled off. Then, wander with me as we trace the history of our storied profession, from thousands of years ago, all the way to the modern day.

I choose to define hacking as "subverting the rules of a system, in order to force the system to behave in a manner not intended by its creator". This, to me at least, is the hacker mindset - a burning curiosity to make things behave in a way we are told they should not be able to. It is armed with this definition that I explore the history of hacking, going back through the ages, addressing the incident in 1903 (from which we get the title of this talk), or even to 1834, when the first real 'cyber attack' was pulled off. We go back even earlier than this, observing how the techniques we use today have their roots in the (mis)behaviour of ancient civilisations.

I hope we can learn from the past, to help us shape the future of our great industry. Or, at the very least, we can pay homage to the hackers that came before us, as they laid the groundwork for what we all get to do today.

Stage 1
08-15
13:00
120min
Understanding alert(1)
Liam Follin (gr4y-r0se)

What is JavaScript? Who is a HTML and what are they doing in my browser? If you ask these sorts of questions - this is the workshop for you. You may have heard of Cross-Site Scripting in passing, you may not have, but after this you will understand what it is, what you can do with it, and be well on your way to finding it in simpler web apps.

Cross-Site Scripting (XSS for short) is one of the fundamental vulnerabilities all junior AppSec professionals need to have a solid grasp of. Understanding why XSS is an issue, how it is introduced into applications, and ultimately how to begin finding it is a vital step on anyone's AppSec journey.

We will start with a basic overview of what a website is made up of (HTML/JS/CSS), then the difference between dynamic and static pages, and on to how user-supplied content ends up in pages. We then move on to exploring how we might provide malicious content, exploring what we used to demonstrate execution (alert(1)). This workshop is supported by custom labs to reinforce the learning.

Whilst this is aimed at complete beginners, by the end of the two hours you should have a solid understanding of what XSS is, but more importantly why it ends up in applications. This depth of understanding will help any person within the AppSec field.

This is a workshop aimed at folks brand new to web security, or people wanting to get into AppSec in the future.

Workshops