This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Hacking Lab
From OWASP
Revision as of 16:11, 14 January 2014 by Ivan Buetler (talk | contribs)
- Available challenges
- How to become a participant
- How to become a teacher
- Challenge valuation Guidelines
- Project About
OWASP/Hacking-Lab
- OWASP TopTen Hands-On Training
Free registration: https://www.hacking-lab.com/events/registerform.html?eventid=245&uk=
- OWASP Hackademic Hands-On Training
Free registration: https://www.hacking-lab.com/events/registerform.html?eventid=302&uk=
- OWASP WebGoat Hands-On Training
Free registration: https://www.hacking-lab.com/events/registerform.html?eventid=557&uk=
none
- one
none
- two
none
- three
none
- four
To participate:
- registration Link
- NDA (plus explanation why)
Communication
- Always be polite
- Never ever be unpolite. No matter what comment or question you receive!
- You are OWASP's interface, behave mature and polite.
- Comment in positive phrasing
- E.g. if partially scored has been achieved, congratulate them
- If the solution contains a good write-up, let them know you appreciate!
- If they thank you for the event, return the favor e.g. thanks for contributing
- Teaching and mentoring
- If a previous suggestion is not understand, try to rephrase
- No abusive language is permitted
- If you receive any in a solution, don't 'hit back'
- See what is causing the frustration, see if you can help is, let Ivan or Martin know
Rating:
- Understanding the vulnerability is essential
- If a solution describes the vulnerability, this does scores points.
- Mitigation scores higher than hacking:
- We are training security awareness! If mitigation is asked as part of the solution, this scores higher then exploitation
- Exploiting is essential
- The exploit has to be proven, but a solution that describes the exploit detailed, this is fine too!
- Give points when possible
- If not the complete answer has been supplied, give partial points when possible.
- Only reject if:
- there is no solution (e.g. a question asked by the student)
- the solution is answering the wrong challenge
- the vulnerability / exploit / mitigation has clearly not been understood
- Rating example:
- If you have 10 points to give this is how to divide them:
- 3 Points for vulnerability description
- 3 Points for proven exploit
- 4 Points for complete mitigation description
- If you have 10 points to give this is how to divide them:
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|