We are still actively working on the spam issue.
Difference between revisions of "Cybersecurity Lab"
(First draft) |
m (Also add Category:Recommendations) |
||
Line 36: | Line 36: | ||
[[Category:HowTo]] | [[Category:HowTo]] | ||
[[Category:Security]] | [[Category:Security]] | ||
+ | [[Category:Recommendations]] |
Latest revision as of 22:55, 1 September 2023
Web Application Security Auditing.
Contents
Create your Own CyberSecurity Lab
It should be a goal for anyone interested in pursuing a career in the IT sector. An old server from a couple of years ago should be sufficient and affordable. Check >>>/g/hsg for more information
Here's some products you can deploy to exercise as Blue (Analysis) or Red (Penetration)
OWASP Webgoat
Perfect for Absolute Beginners. It includes step by step explanations.
Damn Vulnerable Java (EE) Application
Java web applications are the bread and butter of global business aplications. If you are going to work in the security business unit of a corporation or working as a freelancer bug hunter for public programs, you got 80% chance that you are going to be auditing a Java Spring Boot web applicaitons
JavaSpring Vulny
Made by people from Stackhawk that it is in the midst of an effort to boost Zap Attack Proxy. It is a more advanced web application but also very barebones. Many teams around the world are implementing their own endpoints into it to develop their own proof of concepts.
OWASP Juice Shop
Angular front, nodejs back. is quite a nice application to work with. It has a scoring system and an achievement detection list that helps track when challenges the user has overcome.
Port Swigger Gin and Juice Store
Similar to the previous OWASP Juice Shop previously mentioned but you cannot deploy as individual, private instance
Port Swigger Labs
Almost 256 web labs for the OWASP Top 10 with different difficulty levels
Language to look up to?
Go, which has a strong focus on network operations.