This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Category:OWASP Security Ninjas AppSec Training Program
OWASP Security NinjasSecurity Ninjas is an open-source Application Security Training Program. DescriptionThe training program slide deck covers the OWASP Top10 vulnerabilities and some general security best practices. The hands-on training lab consists of 10 fun real world like hacking exercises corresponding to each of the OWASP Top10 vulnerabilities. This is where you need to add your more robust project description. A project description should outline the purpose of the project, how it is used, and the value it provides to application security. Ideally, project descriptions should be written in such a way that there is no question what value the project provides to the software security community. This section will be seen and used in various places within the Projects Portal. Poorly written project descriptions therefore detract from a project’s visibility, so project leaders should ensure that the description is meaningful.
LicensingThis program is free software: you can redistribute it and/or modify it under the terms of the MIT License.. |
Project ResourcesThis is where you can link to the key locations for project files, including setup programs, the source code repository, online documentation, a Wiki Home Page, threaded discussions about the project, and Issue Tracking system, etc.
Project LeaderRelated ProjectsThis is where you can link to other OWASP Projects that are similar to yours.
Classifications
|
News and EventsThis is where you can provide project updates, links to any events like conference presentations, Project Leader interviews, case studies on successful project implementations, and articles written about your project.
| |||||
1. What is special about this project? - This is one of the very few projects which offers systematic, guided hands-on AppSec training to folks with very minimal AppSec or Penetration Testing knowledge. This would not only teach you how to find and exploit vulnerabilities but also hot to fix them and not have them in the first place! In today's world of advancing web attacks and seeing how complicated web applications are becoming, this training is something that every software engineer should take.
2. How much time does it take to set up the hands on lab? - If you use the docker build, it takes only a few seconds to setup the lab!
3. Is it hard to setup and destroy the hands-on lab container? - It is super simple to set up and destroy the container. If use docker, there are no dependency issues as well, no matter what platform you are using!
4. Why did I chose Docker? - Setting up and destroying the environment would be super easy and quick. - The docker container would be sandboxed which means that the vulnerable application wouldn’t be able to harm the host OS.
Volunteers
- Shruti Gupta Shruti Gupta
The first contributors to the project were:
- Shruti Gupta Shruti Gupta created the OWASP Security Ninjas project
Roadmap
The project is 100% complete.
.
- You can read the full blog .
Getting Involved
If you have suggestions/ comments about how this project could be made better, please email Shruti Gupta Shruti Gupta.
I already have the deliverables 100% ready:
The Application Security Training Program consists of a slide deck which is here
and the Source Code can be found here
It is fastest (takes less than 10 seconds to deploy and run) to setup and run the hands on lab in a Docker container. The docker repo and instructions are here
This category currently contains no pages or media.
