This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP PHP Security Training Project"

From OWASP
Jump to: navigation, search
m (Enhance TODO-List)
Line 122: Line 122:
 
*Point system
 
*Point system
 
*Track clicks on the help button/solution to measure and enhance quality
 
*Track clicks on the help button/solution to measure and enhance quality
 +
*Possibility to reset single units
  
  

Revision as of 12:31, 18 June 2014

OWASP Project Header.jpg

OWASP PHP Security Training Project

OWASP PHP Security Training Project is...

Introduction

The goal of this project is to create an interactive training system, consisting of several units, for PHP developers. Every unit is divided in an attack and a defense part.


Description

The goal of this project is to create an interactive training system, consisting of several units, for PHP developers. Every unit shall be divided in an attack and a defense part. When working through the attack part, the developers will have to strike against a vulnerable application. Through this, they will learn to think like a hacker. Weaknesses to detect and exploit might be XSS, CSRF or SQL Injection, which are listed in the OWASP top 10. While viewing the defense part, the user shall be introduced to securing the vulnerable application, for example by safeguarding the code.


Licensing

OWASP PHP Security Training Project is free to use. It is licensed under the GNU GPL v3 License, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


What is PHP Security Training

OWASP PHP Security Training Project provides:

  • VirtualBox-Machine
  • Debian Package


Presentation

http://files.timo-pagel.de/vortraege/security/phpug_php_security_training_system.pdf (German)


Project Leader

Timo Pagel


Related Projects

Ohloh

Quick Download

Source Code

Email List

Sign up

News and Events

  • [20 Nov 2013] News 2
  • [30 Sep 2013] News 1


In Print

Classifications

New projects.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files CODE.jpg
Q1
A1
Q2
A2

Volunteers

XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • xxx
  • xxx

Others

  • xxx
  • xxx

As of July, the priorities are:

  • Internationalization of existing units
  • UnitTests
  • Enhancement of existing units
  • Creation of more unints
  • Java integration
  • Error message: Enhance details
  • Point system
  • Track clicks on the help button/solution to measure and enhance quality
  • Possibility to reset single units


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP PHP Security Training Project (home page)
Purpose: The goal of this project is to create an interactive training system, consisting of several units, for PHP developers. Every unit is divided in an attack and a defense part. The goal of this project is to create an interactive training system, consisting of several units, for PHP developers. Every unit shall be divided in an attack and a defense part. When working through the attack part, the developers will have to strike against a vulnerable application. Through this, they will learn to

think like a hacker. Weaknesses to detect and exploit might be XSS, CSRF or SQL Injection, which are listed in the OWASP top 10. While viewing the defense part, the user shall be introduced to securing the vulnerable application, for example by safeguarding the code.

License: GNU GPL v3 License
who is working on this project?
Project Leader(s):
  • Timo Pagel @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: Not Yet Created
Key Contacts
  • Contact Timo Pagel @ to contribute to this project
  • Contact Timo Pagel @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases