OWASP PHP Security Training Project

=Main=



{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 * valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

OWASP PHP Security Training Project
OWASP PHP Security Training Project is...

Introduction
The goal of this project is to create an interactive training system, consisting of several units, for PHP developers. Every unit is divided in an attack and a defense part.

Description
The goal of this project is to create an interactive training system, consisting of several units, for PHP developers. Every unit shall be divided in an attack and a defense part. When working through the attack part, the developers will have to strike against a vulnerable application. Through this, they will learn to think like a hacker. Weaknesses to detect and exploit might be XSS, CSRF or SQL Injection, which are listed in the OWASP top 10. While viewing the defense part, the user shall be introduced to securing the vulnerable application, for example by safeguarding the code.

Licensing
OWASP PHP Security Training Project is free to use. It is licensed under the GNU GPL v3 License, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


 * valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

What is PHP Security Training
OWASP PHP Security Training Project provides:


 * VirtualBox-Machine
 * Debian Package

Presentation
http://files.timo-pagel.de/vortraege/security/phpug_php_security_training_system.pdf (German)

Project Leader
[mailto:timo.pagel@owasp.org Timo Pagel]

Ohloh

 * valign="top" style="padding-left:25px;width:200px;" |

Quick Download

 * http://files.timo-pagel.de/php-security-trainig-system/

Source Code

 * https://bitbucket.org/tpagel/php-security-training-system

Email List
Sign up

News and Events

 * [20 Nov 2013] News 2
 * [30 Sep 2013] News 1

Classifications

 * }

=FAQs=


 * Q1
 * A1


 * Q2
 * A2

= Acknowledgements =

Volunteers
XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:


 * xxx
 * xxx

Others

 * xxx
 * xxx

= Road Map and Getting Involved = As of July, the priorities are:
 * Internationalization of existing units
 * UnitTests
 * Enhancement of existing units
 * Creation of more unints
 * Java integration
 * Error message: Enhance details
 * Point system
 * Track clicks on the help button/solution to measure and enhance quality
 * Possibility to reset single units

=Project About=