OWASP Hackademic Challenges
The Hackademic Challenges implement realistic scenarios with known vulnerabilities in a safe and controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through an attacker's perspective. Currently, there are 10 scenarios available. You can choose to start from the one that you find most appealing, although we suggest to follow the order presented on the first page. We intend to expand the available challenges with additional scenarios that involve cryptography, and even vulnerable systems being implemented in downloadable virtual machines. Deployment Dependencies of Hackademic involve a web server (Apache, nginx) with PHP and Mysql/MariaDB connected with it. Make sure you have installed these before you start deploying Hackademic. We recommand to use Apache as the web server.
FEATURES
ALTERNATIVES
Important security headers for Fastify with granular control over application routes.
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets in git repos.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
Automatically redirect users from www to non-www for a secure connection.
A tool for secure content publishing and verification using offline signing and trusted collections.
ARM TrustZone provides a secure execution environment for applications on ARM processors.
A tool to profile web applications based on response time discrepancies.
OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application for client-server communication with numerous vulnerabilities.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.