OWASP Hacking Lab

=Available challenges= OWASP/Hacking-Lab
 * OWASP TopTen Hands-On Training
 * OWASP Hackademic Hands-On Training
 * OWASP WebGoat Hands-On Training
 * Hacking-Lab donated challenges covering the OWASP TopTen
 * OWASP Hackademic

=How to become a participant= To participate:
 * registration Link

=How to become a teacher=
 * NDA (plus explanation why)

=Challenge valuation Guidelines=

Communication

 * Always be polite
 * Never ever be unpolite. No matter what comment or question you receive!
 * You are OWASP's interface, behave mature and polite.
 * Comment in positive phrasing
 * E.g. if partially scored has been achieved, congratulate them
 * If the solution contains a good write-up, let them know you appreciate!
 * If they thank you for the event, return the favor e.g. thanks for contributing
 * Teaching and mentoring
 * If a previous suggestion is not understand, try to rephrase
 * No abusive language is permitted
 * If you receive any in a solution, don't 'hit back'
 * See what is causing the frustration, see if you can help is, let Ivan or Martin know

Rating:

 * Understanding the vulnerability is essential
 * If a solution describes the vulnerability, this does scores points.


 * Mitigation scores higher than hacking:
 * We are training security awareness! If mitigation is asked as part of the solution, this scores higher then exploitation
 * Exploiting is essential
 * The exploit has to be proven, but a solution that describes the exploit detailed, this is fine too!
 * Give points when possible
 * If not the complete answer has been supplied, give partial points when possible.
 * Only reject if:
 * there is no solution (e.g. a question asked by the student)
 * the solution is answering the wrong challenge
 * the vulnerability / exploit / mitigation has clearly not been understood


 * Rating example:
 * If you have 10 points to give this is how to divide them:
 * 3 Points for vulnerability description
 * 3 Points for proven exploit
 * 4 Points for complete mitigation description

= Project About =