This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Hackademic Challenges Project"
(→OWASP Hackademic Challenges Project) |
|||
(9 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
=Main= | =Main= | ||
− | <div style="width:100%;height: | + | <div style="width:100%;height:90px;border:0,margin:0;overflow: hidden;">[[File: lab_big.jpg|link=OWASP_Project_Stages#tab.3DLab_Projects]]</div> |
+ | |||
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- | {| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- | ||
Line 12: | Line 13: | ||
==Introduction== | ==Introduction== | ||
− | The '''OWASP Hackademic Challenges''' Project | + | The '''OWASP Hackademic Challenges''' Project helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controllable and safe environment. |
+ | |||
+ | '''Download''' the old version (v.0.1.1) from [https://code.google.com/p/owasp-hackademic-challenges/ Google Code]. | ||
+ | |||
+ | ''' the Latest Version is on''' [https://github.com/Hackademic/hackademic/ GitHub]. | ||
− | ''' | + | ''' Developers checkout the ''' [https://github.com/Hackademic/hackademic/tree/next-dev Development Branch]. |
− | |||
− | |||
− | + | ''' The servers are down due to changes in the Uni's datacenter, it will be up soon. ''' | |
− | + | '' Live version in Greek language (includes additional challenges): http://hackademic1.teilar.gr/gr '' | |
+ | '' You can also challenge yourself using the live version hosted here: http://hackademic1.teilar.gr/ '' | ||
==Description== | ==Description== | ||
Line 49: | Line 53: | ||
== Deployment == | == Deployment == | ||
− | The OWASP Hackademic Challenges can be easily deployed to any PHP-capable web server. | + | The OWASP Hackademic Challenges can be easily deployed to any PHP-capable web server running mysql/mariadb. |
Current deployments (http://hackademic1.teilar.gr/) have integrated the OWASP Hackademic Challenges with well-known CMS software (e.g. [http://www.joomla.org/ Joomla]) in order to provide a complete e-learning environment, where students can register and monitor their progress as they go through the challenges. | Current deployments (http://hackademic1.teilar.gr/) have integrated the OWASP Hackademic Challenges with well-known CMS software (e.g. [http://www.joomla.org/ Joomla]) in order to provide a complete e-learning environment, where students can register and monitor their progress as they go through the challenges. | ||
− | + | == Contact == | |
+ | OWASP Hackademic Challenges project Mailing List [https://lists.owasp.org/mailman/listinfo/owasp-hackademic-challenges mailing list]. | ||
+ | Irc Channel #hackademic-dev on freenode | ||
==Licensing== | ==Licensing== | ||
Line 77: | Line 83: | ||
[mailto:[email protected] Konstantinos Papapanagiotou] | [mailto:[email protected] Konstantinos Papapanagiotou] | ||
− | [mailto: | + | [mailto:spyros.gasteratos@owasp.org Spyros Gasteratos] |
[mailto:[email protected] Andreas Venieris (Core Developer) (Founder)] | [mailto:[email protected] Andreas Venieris (Core Developer) (Founder)] | ||
Line 91: | Line 97: | ||
== Quick Download == | == Quick Download == | ||
− | [https:// | + | [https://github.com/Hackademic/hackademic/ Download] |
== Email List == | == Email List == | ||
Line 98: | Line 104: | ||
== News and Events == | == News and Events == | ||
− | |||
− | |||
Line 123: | Line 127: | ||
=FAQs= | =FAQs= | ||
− | |||
− | |||
− | + | = Acknowledgements = | |
− | |||
− | |||
==Volunteers== | ==Volunteers== | ||
The Hackademic Challenges are developed by a worldwide team of volunteers. The primary contributors to date have been: | The Hackademic Challenges are developed by a worldwide team of volunteers. The primary contributors to date have been: | ||
Line 138: | Line 138: | ||
* [mailto:[email protected] Anastasios Stasinopoulos] | * [mailto:[email protected] Anastasios Stasinopoulos] | ||
+ | |||
+ | * [mailto:[email protected] Spyros Gasteratos] | ||
+ | |||
+ | * [mailto:[email protected] Konstantinos Papapanagiotou] | ||
+ | * Fotis Liatsis | ||
+ | * Petros Andreou | ||
+ | * Antonis Manaras | ||
+ | * Daniel Kvist | ||
+ | * The GSoC students and everyone who's using, or contributing on our github page | ||
+ | |||
==Others== | ==Others== | ||
Line 144: | Line 154: | ||
= Road Map and Getting Involved = | = Road Map and Getting Involved = | ||
− | |||
− | |||
− | |||
− | |||
− | For a list of features we would like implemented you can see our [https://www.owasp.org/index.php/GSoC2013_Ideas#OWASP_Hackademic_Challenges_-_New_challenges_and_Improvements_to_the_existing_ones Google Summer Of Code ideas page] | + | We maintain an up to date list of open issues on the platform on our issues page on github [https://github.com/Hackademic/hackademic/issues here] |
+ | |||
+ | For a list of features we would like implemented you can see either the issues page or our [https://www.owasp.org/index.php/GSoC2013_Ideas#OWASP_Hackademic_Challenges_-_New_challenges_and_Improvements_to_the_existing_ones Google Summer Of Code ideas page] | ||
Involvement in the development and promotion of the Hackademic Challenges is actively encouraged! | Involvement in the development and promotion of the Hackademic Challenges is actively encouraged! | ||
You do not have to be a security expert in order to contribute. | You do not have to be a security expert in order to contribute. | ||
Some of the ways you can help: | Some of the ways you can help: | ||
− | * | + | * Write Documentation |
− | * | + | * Write Unit tests |
+ | * Develop themes and plugins | ||
+ | * Write Challenges or Articles or contribute security courses | ||
+ | |||
+ | |||
+ | =Student Programs= | ||
+ | |||
+ | In Hackademic we're participating in most of OWASP code sprints and any external ones we can. The purpose is to advertise the platform, attract contributors, get some code and also help students learn new things and perhaps learn a couple of new stuff ourselves. | ||
+ | |||
+ | Students and mentors participating in code sprints are instructed to join in the irc channel to make coordination and answering question easier. | ||
+ | Moreover, students have to provide weekly reports and merge requests according to our coding standards. | ||
+ | |||
+ | == Scoring == | ||
+ | For potential mentors scoring student proposals we suggest that they use the following template. | ||
+ | Of course mentors can choose to take other factors into consideration as well. | ||
+ | * Project Contributor 20% | ||
+ | * Has gotten in contact with a mentor or the team and is responsive 10% | ||
+ | * OWASP contributor 10% | ||
+ | * The student's proposal demonstrates that they have knowledge of the matter they discuss and are able to complete the project. 20% | ||
+ | * The proposal mentions the tools to be used and shows understanding of the tools involved 20% | ||
+ | * Proposal includes a timeline that makes sense 20% | ||
+ | * The student's cv/bio show prior relevant experience or the ability to learn quickly 10% | ||
+ | Note that the score amounts to 110% | ||
=Project About= | =Project About= |
Latest revision as of 13:09, 9 July 2015
OWASP Hackademic Challenges ProjectIntroductionThe OWASP Hackademic Challenges Project helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controllable and safe environment. Download the old version (v.0.1.1) from Google Code. the Latest Version is on GitHub. Developers checkout the Development Branch.
Live version in Greek language (includes additional challenges): http://hackademic1.teilar.gr/gr You can also challenge yourself using the live version hosted here: http://hackademic1.teilar.gr/ DescriptionThe Hackademic Challenges implement realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective. Currently, there are 10 web application security scenarios available. You can choose to start from the one that you find most appealing,although we suggest to follow the order presented on the first page.We intend to expand the available challenges with additional scenarios that involve cryptography, and even vulnerable systems implemented in download-able virtual machines. Target GroupAnyone can use the OWASP Hackademic Challenges to test one's knowledge and skills. Nevertheless, the OWASP Hackademic Challenges have been mainly developed to be used in a live classroom environment. Experience has shown increased interest and engagement from students that actually get to practice application security and see how things work in a realistic environment. Currently they are successfully used in the security courses of the following universities:
DeploymentThe OWASP Hackademic Challenges can be easily deployed to any PHP-capable web server running mysql/mariadb. Current deployments (http://hackademic1.teilar.gr/) have integrated the OWASP Hackademic Challenges with well-known CMS software (e.g. Joomla) in order to provide a complete e-learning environment, where students can register and monitor their progress as they go through the challenges. ContactOWASP Hackademic Challenges project Mailing List mailing list. Irc Channel #hackademic-dev on freenode LicensingOWASP Hackademic Challenges Project is free to use. It is licensed under the Apache License V2.0
|
What are Hackademic Challenges?OWASP Hackademic Challenges Project provides:
PresentationProject LeadersAndreas Venieris (Core Developer) (Founder) Related ProjectsOhloh |
Quick DownloadEmail ListNews and EventsIn PrintClassifications |
Volunteers
The Hackademic Challenges are developed by a worldwide team of volunteers. The primary contributors to date have been:
- Konstantinos Papapanagiotou
- Fotis Liatsis
- Petros Andreou
- Antonis Manaras
- Daniel Kvist
- The GSoC students and everyone who's using, or contributing on our github page
Others
- xxx
- xxx
We maintain an up to date list of open issues on the platform on our issues page on github here
For a list of features we would like implemented you can see either the issues page or our Google Summer Of Code ideas page
Involvement in the development and promotion of the Hackademic Challenges is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:
- Write Documentation
- Write Unit tests
- Develop themes and plugins
- Write Challenges or Articles or contribute security courses
In Hackademic we're participating in most of OWASP code sprints and any external ones we can. The purpose is to advertise the platform, attract contributors, get some code and also help students learn new things and perhaps learn a couple of new stuff ourselves.
Students and mentors participating in code sprints are instructed to join in the irc channel to make coordination and answering question easier. Moreover, students have to provide weekly reports and merge requests according to our coding standards.
Scoring
For potential mentors scoring student proposals we suggest that they use the following template. Of course mentors can choose to take other factors into consideration as well.
- Project Contributor 20%
- Has gotten in contact with a mentor or the team and is responsive 10%
- OWASP contributor 10%
- The student's proposal demonstrates that they have knowledge of the matter they discuss and are able to complete the project. 20%
- The proposal mentions the tools to be used and shows understanding of the tools involved 20%
- Proposal includes a timeline that makes sense 20%
- The student's cv/bio show prior relevant experience or the ability to learn quickly 10%
Note that the score amounts to 110%
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|