This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Hacking Lab"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 +
=Main=
  
 +
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>
  
<!-- First tab, what is OWASP/Hacking-Lab -->
+
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
=Available challenges=
+
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
==What OWASP challenges are available?==
 
==OWASP TopTen Hands-On Training==
 
  Free registration: https://www.hacking-lab.com/events/registerform.html?eventid=245&uk=
 
==OWASP Hackademic Hands-On Training==
 
  Free registration: https://www.hacking-lab.com/events/registerform.html?eventid=302&uk=
 
==OWASP WebGoat Hands-On Training==
 
  Free registration: https://www.hacking-lab.com/events/registerform.html?eventid=557&uk=
 
  
 +
==OWASP Hacking Lab==
  
<!-- Second tab, how to become a participant -->
+
OWASP Hacking Lab is...
=How to become a participant=
+
 
==How can you start solving the OWASP hands-on challenges?==
+
==Introduction==
 +
 
 +
Currently, there is one challenge, the OWASP TopTen with currently 1164 registered users and +500 solutions send in and verified by the OWASP teachers! The goal is to provide an open and transparent process about the challenges, the teachers and continuously working on extending the available challenges.
 +
 
 +
 
 +
 
 +
==Description==
 +
 
 +
Write a description that is just a few paragraphs long
 +
 
 +
 
 +
==Licensing==
 +
OWASP Hacking Lab is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
 +
 
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
== What is Hacking Lab ==
 +
 
 +
OWASP Hacking Lab provides:
 +
 
 +
* xxx
 +
* xxx
 +
 
 +
 
 +
== Presentation ==
 +
 
 +
Link to presentation
 +
 
 +
 
 +
 
 +
 
 +
== Project Leaders ==
 +
 
 +
[mailto:[email protected] Ivan]
 +
 
 +
[mailto:[email protected] Mateo]
 +
 
 +
== Related Projects ==
 +
 
 +
* [[OWASP_CISO_Survey]]
 +
 
 +
 
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;" |
 +
 
 +
== Quick Download ==
 +
 
 +
* Link to page/download
 +
 
 +
 
 +
 
 +
== News and Events ==
 +
* [20 Nov 2013] News 2
 +
* [30 Sep 2013] News 1
 +
 
 +
 
 +
== In Print ==
 +
This project can be purchased as a print on demand book from Lulu.com
 +
 
 +
 
 +
==Classifications==
 +
 
 +
  {| width="200" cellpadding="2"
 +
  |-
 +
  | align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]] 
 +
  |-
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
 +
  |}
 +
 
 +
|}
 +
 
 +
=FAQs=
 +
 
 +
; Q1
 +
: A1
 +
 
 +
; Q2
 +
: A2
 +
 
 +
= Acknowledgements =
 +
==Volunteers==
 +
XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:
 +
 
 +
* xxx
 +
* xxx
 +
 
 +
==Others==
 +
* xxx
 +
* xxx
 +
 
 +
= Road Map and Getting Involved =
 +
As of XXX, the priorities are:
 +
* xxx
 +
* xxx
 +
* xxx
 +
 
 +
Involvement in the development and promotion of XXX is actively encouraged!
 +
You do not have to be a security expert in order to contribute.
 +
Some of the ways you can help:
 
*Register to a free OWASP Hands-On Training (see tab "Available Challenges")
 
*Register to a free OWASP Hands-On Training (see tab "Available Challenges")
 
*Sign-Up a Hacking-Lab account
 
*Sign-Up a Hacking-Lab account
Line 22: Line 122:
 
*Submit your solution into the HL portal
 
*Submit your solution into the HL portal
 
*OWASP volunteers will grade your submission
 
*OWASP volunteers will grade your submission
 
<!-- Third tab, how to become teacher -->
 
=How can you volunteer as an OWASP teacher?=
 
==Become an OWASP teacher==
 
*Solve the challenges as participant/student first (see tab "Available Challenges")
 
*Make yourself familiar with the OWASP TOP 10, Hackademics and WebGoat challenges
 
*Ask for becoming a teacher to [email protected]
 
 
 
<!-- Fourth tab, teacher Guidelines-->
 
=Challenge valuation Guidelines=
 
==Communication==
 
*Always be polite
 
**Never ever be unpolite. No matter what comment or question you receive!
 
**You are OWASP's interface, behave mature and polite.
 
*Comment in positive phrasing
 
**E.g. if partially scored has been achieved, congratulate them
 
**If the solution contains a good write-up, let them know you appreciate!
 
**If they thank you for the event, return the favor e.g. thanks for contributing
 
*Teaching and mentoring
 
**If a previous suggestion is not understand, try to rephrase
 
*No abusive language is permitted
 
**If you receive any in a solution, don't 'hit back'
 
**See what is causing the frustration, see if you can help is, let Ivan or Martin know
 
 
==Rating:==
 
*Understanding the vulnerability is essential
 
**If a solution describes the vulnerability, this does scores points.
 
  
*Mitigation scores higher than hacking:
 
**We are training security awareness! If mitigation is asked as part of the solution, this scores higher then exploitation
 
*Exploiting is essential
 
**The exploit has to be proven, but a solution that describes the exploit detailed, this is fine too!
 
*Give points when possible
 
**If not the complete answer has been supplied, give partial points when possible.
 
**Only reject if:
 
***there is no solution (e.g. a question asked by the student)
 
***the solution is answering the wrong challenge
 
***the vulnerability / exploit / mitigation has clearly not been understood
 
  
*Rating example:
 
**If you have 10 points to give this is how to divide them:
 
**;3 Points for vulnerability description
 
**;3 Points for proven exploit
 
**;4 Points for complete mitigation description
 
  
= Project About =
+
=Project About=
{{:Projects/OWASP_Hacking_Lab}}  
+
{{:Projects/OWASP_Hacking_Lab}}  
  
[[Category:OWASP Project]]
+
__NOTOC__ <headertabs />
  
<!-- Don't remove this tags below -->
+
[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]
__NOTOC__
 
<headertabs/>
 

Revision as of 22:01, 24 January 2014

OWASP Project Header.jpg

OWASP Hacking Lab

OWASP Hacking Lab is...

Introduction

Currently, there is one challenge, the OWASP TopTen with currently 1164 registered users and +500 solutions send in and verified by the OWASP teachers! The goal is to provide an open and transparent process about the challenges, the teachers and continuously working on extending the available challenges.


Description

Write a description that is just a few paragraphs long


Licensing

OWASP Hacking Lab is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


What is Hacking Lab

OWASP Hacking Lab provides:

  • xxx
  • xxx


Presentation

Link to presentation



Project Leaders

Ivan

Mateo

Related Projects

Quick Download

  • Link to page/download


News and Events

  • [20 Nov 2013] News 2
  • [30 Sep 2013] News 1


In Print

This project can be purchased as a print on demand book from Lulu.com


Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files CODE.jpg
Q1
A1
Q2
A2

Volunteers

XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • xxx
  • xxx

Others

  • xxx
  • xxx

As of XXX, the priorities are:

  • xxx
  • xxx
  • xxx

Involvement in the development and promotion of XXX is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • Register to a free OWASP Hands-On Training (see tab "Available Challenges")
  • Sign-Up a Hacking-Lab account
  • Prepare your client infrastructure (recommended LiveCD from http://media.hacking-lab.com/)
  • Setup VPN from within your LiveCD
  • Read the challenge description (once registered in the first step)
  • Submit your solution into the HL portal
  • OWASP volunteers will grade your submission


PROJECT INFO
What does this OWASP project offer you? 		RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Hacking Lab (home page)
Purpose: This project is about hands-on security challenges (joint venture project with Hacking-Lab)
License: Creative Commons Attribution ShareAlike 3.0 License
who is working on this project?
Project Leader(s):
  • Ivan Buetler @
  • Mateo Martinez @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Ivan Buetler @ to contribute to this project
  • Contact Ivan Buetler @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Hacking_Lab&oldid=166612"