Difference between revisions of "Projects/OWASP Rails Goat Project"

Latest revision as of 17:04, 22 February 2018

Main
Acknowledgements
Road Map and Getting Involved
FAQs
Project About

OWASP Railsgoat Project

This is a Rails application which is vulnerable to the OWASP Top 10. It is intended to show how each of these categories of vulnerabilities can manifest themselves in a Rails-specific way as well as provide the subsequent mitigations for each.

Introduction

Ruby on Rails is an incredibly popular web development framework. There are security concerns whether it be configuration related or language specific, developer-introduced vulnerabilities. Railsgoat comes pre-packaged with a tutorial section that covers the description of an issue, where the code flaw exists within the application, solution (for attack and prevention/mitigation), as well as a hint for those that would like to try and find the vulnerabilities themselves.

Additionally, Railsgoat contains Unit-Tests that demonstrate the basics of writing security-based Unit-Tests.

Description

Project README: https://github.com/OWASP/railsgoat/blob/master/README.md
Project Wiki: http://railsgoat.cktricky.com
Source code: https://github.com/OWASP/railsgoat

Licensing

OWASP Railsgoat is free to use. It is licensed under the MIT license.

Project Leader

Ken Johnson & Mike McCabe

Quick Download

https://github.com/OWASP/railsgoat

Classifications

Volunteers

Railsgoat is developed by a worldwide team of volunteers. The contributors to date have been:

Ken Johnson
Mike McCabe
Al Snow
Joseph Mastey

Others

Road Map

https://github.com/OWASP/railsgoat/issues

Getting Involved

Submit GitHub Pull Requests to add code. Submit Issues to make feature requests.

To contribute, or to know more, contact at ken (DOT) johnson (AT) owasp (DOT) org

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: OWASP Railsgoat Project (home page)
Purpose: This is a Rails application which is vulnerable to the OWASP Top 10. It is intended to show how each of these categories of vulnerabilities can manifest themselves in a Rails-specific way as well as provide the subsequent mitigations for each.
License: MIT License
who	is working on this project?
Project Leader(s): Ken Johnson @ Mike McCabe @
how	can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: N/A
Project Roadmap: Not Yet Created
Key Contacts
Contact Ken Johnson @ to contribute to this project Contact Ken Johnson @ to review or sponsor this project

current release

https://github.com/OWASP/railsgoat
last reviewed release
Not Yet Reviewed

other releases

@@ Line 4: / Line 4: @@
 {| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
-| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
+| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |
 ==OWASP Railsgoat Project==
@@ Line 18: / Line 18: @@
 ==Description==
-* Project information: http://railsgoat.cktricky.com
+* Project README: https://github.com/OWASP/railsgoat/blob/master/README.md
+* Project Wiki: [https://github.com/OWASP/railsgoat/wiki http://railsgoat.cktricky.com]
 * Source code: https://github.com/OWASP/railsgoat
@@ Line 24: / Line 25: @@
 OWASP Railsgoat is free to use. It is licensed under the MIT license.
-| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
+| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 == Project Leader ==
@@ Line 39: / Line 40: @@
     {| width="200" cellpadding="2"
     |-
-    | align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
+    | rowspan="2" align="center" valign="top" width="50%" | [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
-    | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
+    | align="center" valign="top" width="50%" | [[File:Owasp-builders-small.png|link=]]
     |-
-    | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
+    | align="center" valign="top" width="50%" | [[File:Owasp-defenders-small.png|link=]]
     |-
-    | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
+    | colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
     |-
-    | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
+    | colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]]
     |}
 |}
 = Acknowledgements =
 ==Volunteers==
-NodeGoat is developed by a worldwide team of volunteers. The contributors to date have been:
+Railsgoat is developed by a worldwide team of volunteers. The contributors to date have been:
 * Ken Johnson
 * Mike McCabe
 * Al Snow
-* James Espinosa
+* Joseph Mastey
 ==Others==
@@ Line 92: / Line 92: @@
 __NOTOC__ <headertabs />
-[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]
+[[Category:OWASP Project]]
+[[Category:OWASP_Builders]]
+[[Category:OWASP_Defenders]]
+[[Category:OWASP_Document]]

Difference between revisions of "Projects/OWASP Rails Goat Project"

Latest revision as of 17:04, 22 February 2018

OWASP Railsgoat Project

Introduction

Description

Licensing

Project Leader

Quick Download

Classifications

Volunteers

Others

Road Map

Getting Involved

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools