VCET Virtual Lunch & Learn: Secure Coding Workshop

9:00 am - 11:30 am

In this hands-on workshop, you will not only learn about the common web attacks, but you will have the opportunity to see how the attacks work by hacking an application using manual and automated tools.

You will perform:

1. SQL injection attacks

2. Cross-site scripting attacks

3. Arbitrary command execution and create a backdoor

4. XML Injection

5. Bypass password authentication

6. Enumerate insecure web server settings

You’ll also learn how to secure the application and automate testing coding vulnerabilities and how to mitigate common server misconfigurations. Finally, you’ll be able to use these techniques in your own web development to automate the process of assisting you in writing secure code.

About the teacher:

Duane Dunston is an Associate Professor of Cybersecurity at Champlain College. He’s been in Information Security since 1997. He graduated from Pfeiffer University with a BS in Sociology and a Master’s in Organizational Management. Duane is also a mentor for the Vermont Cyberpatriots Program and a mentor for a cyberpatriot girl scouts troop in NY and a school in Oklahoma.

Duane has written over a dozen articles, several being published through He is currently researching the usability of cryptography and has created an application, h2H Messenger, that is designed to make public key infrastructure easy to use and to make enterprise use of the application more efficient. This application is currently being tested in an enterprise environment.

Duane has spoken for the Western North Carolina and Burlington, Vermont Foreign Policy Association Great Decisions series as a Guest Lecturer on Cybersecurity. He also been featured on WCAX for topics related to cybersecurity. His information security experience is from the education and government sector where he worked as an information systems security officer and computer forensics analyst for the National Oceanic and Atmospheric Administration.

He’s written two novels about a computer hacker that helps law enforcement track down human traffickers, Twisted Greed and Point of Interception. Additionally, he donates 100% of the royalties from his novels to organization that support victims of human trafficking.

Duane is a volunteer security consultant with International Association of Human Traffickers and Investigators. He’s working with Champlain students to develop technologies to facilitate the identification of trafficked victims. Duane is currently working on a cross-platform and mobile app to help identify victims of human trafficking.

Duane’s interest are in risk management, security education, and using technology to promote social change. Outside of computers, he practices silversmithing and ham radio. His call ham call sign is KC1BWV.

Watch the Recording