This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP DevSlop Project
OWASP DevSlop Tool ProjectThe hacker jungle gym built on DevOps disasters.Project Website: DevSlop Modern applications often use APIs, microservices and containerization to deliver faster and better products and services. There has been a massive migration away from monolithic web applications to this new, highly scalable architecture. However, there are currently few training grounds for security testing in these areas. In comes DevSlop, OWASP's newest project, a collection of DevOps-driven applications, specifically designed to showcase security catastrophes and vulnerabilities for use in security testing, software testing, learning and teaching for both developers and security professionals. DescriptionDevSlop's Pixi, the first of many applications to come for this OWASP project, is currently publicly available for your hacking and learning pleasure. Pixi is available in several docker containers and consists of a vulnerable web app and API service. The intent is to teach users how to test modern web applications and API's for security issues and how to write more secure API's in the future.As more pieces of DevSlop are released they will be introduced here. LicensingThis program is free software: you can redistribute it and/or modify it under the terms of the link GNU Affero General Public License 3.0 as published by the Free Software Foundation. OWASP DevSlop and any contributions are Copyright © by Nicole Becher & Tanya Janca 2017. |
Project ResourcesDocumentation Issue Tracker
Project Leader
Team Members
Related ProjectsClassifications
|
News and Events
| |||||||
