SecureCodingDojo
SecureCodingDojo copied to clipboard
OWASP
The Secure Coding Dojo is a platform for delivering secure coding knowledge.
In the latest insecure.inc docker image published at dockerhub DIGEST:sha256:87b47ae592a0c3dfa627cacac866279f24bef9ae856a0f94f1d6b71e7e7739c7 At the insecure.inc cwe89.jsp page [Brown Belt : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')]...
When I'm incorporating SecureCodingDojo lessons in to my security champions curriculum, I must routinely reference a mapping between OWASP Top 2017 and 2021 to see where the lessons fit. I've...
Rename MASTER_PASSWORD in Buffer Overflow challenge to something else
Language is determined by the URL. For example: /codereview/{module}/{lang} Implement a drop down menu with flags that would simply navigate to the corresponding module language if it exists.
Investigate whether the definition JSON could be converted to YAML and parsed on the client side back to JSON. This will facilitate collaboration and easier translation of the content.
Refactor the code review 101 static site to allow adding more modules. First stage is to decouple the definition file and the welcome banner from the code running everything and...
While I'm trying to solve the Second Degree Black Belt : XML External Entities challenge, observed that levering the previous challenge i.e. Injection got that there is one 'connecttocommandproc.sh' file...
