Difference between revisions of "OWASP Hackademic Challenges Project"

From OWASP
Jump to: navigation, search
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
==== Main  ====
 
==== Main  ====
 +
<center>[[Image:Hackademic_transp_logo.png]]</center>
 +
 +
 
The '''OWASP Hackademic Challenges''' Project is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment.
 
The '''OWASP Hackademic Challenges''' Project is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment.
  
 
'''Download''' the current version (v.0.1.1) from [https://code.google.com/p/owasp-hackademic-challenges/ Google Code].  
 
'''Download''' the current version (v.0.1.1) from [https://code.google.com/p/owasp-hackademic-challenges/ Google Code].  
 +
''' Development version ''' [https://github.com/Hackademic/hackademic.git Github] Latest changes implemented in the 'next' branch
  
 
You can also challenge yourself using the live version hosted here: http://hackademic1.teilar.gr/
 
You can also challenge yourself using the live version hosted here: http://hackademic1.teilar.gr/
Line 8: Line 12:
 
Live version in Greek language (includes additional challenges): http://hackademic1.teilar.gr/gr
 
Live version in Greek language (includes additional challenges): http://hackademic1.teilar.gr/gr
  
 +
The '''OWASP Hackademic Challenges''' have been now also integrated into the [https://www.hacking-lab.com Hacking Lab]. You can register and play for '''FREE''' the Hackademic Challenges at the Hacking Lab by following this link: https://www.hacking-lab.com/events/registerform.html?eventid=302&uk=
  
 
== Overview ==  
 
== Overview ==  
Line 26: Line 31:
 
Currently they are successfully used in the security courses of the following universities:
 
Currently they are successfully used in the security courses of the following universities:
  
* TEI of Larissa
+
* [http://teilar.gr TEI of Larissa] (Hosting Institute)
* University of Piraeus
+
* [http://www.unipi.gr/ University of Piraeus]
* University of Athens
+
* [http://www.uoa.gr/ University of Athens]
* ...
+
* [http://www.uom.gr/ University of Macedonia]
 
+
* [http://www.teithe.gr/ TEI of Thessaloniki]
 +
* ''Add your university/educational institution here'' - [mailto:hackademic@owasp.gr Contact us] if you are using or want to use OWASP Hackademic Challenges in your class.
  
 
== Deployment ==
 
== Deployment ==
Line 36: Line 42:
 
The OWASP Hackademic Challenges can be easily deployed to any PHP-capable web server.  
 
The OWASP Hackademic Challenges can be easily deployed to any PHP-capable web server.  
  
Current deployments (http://hackademic1.teilar.gr/) have integrated the OWASP Hackademic Challenges with well-known CMS software (e.g. Joomla) in order to provide a complete e-learning environment, where students can register and monitor their progress as they go through the challenges.
+
Current deployments (http://hackademic1.teilar.gr/) have integrated the OWASP Hackademic Challenges with well-known CMS software (e.g. [http://www.joomla.org/ Joomla]) in order to provide a complete e-learning environment, where students can register and monitor their progress as they go through the challenges.
 
+
If you need a assistance in setting up the OWASP Hackademic Challenges in your environment, please don't hesitate to contact the project team by posting your inquire on the OWASP Hackademic Challenges project mailing list.
+
  
 +
If you need a assistance in setting up the OWASP Hackademic Challenges in your environment, please don't hesitate to contact the project team by posting your inquire on the OWASP Hackademic Challenges project [https://lists.owasp.org/mailman/listinfo/owasp-hackademic-challenges mailing list].
  
 
== Roadmap==
 
== Roadmap==
Line 46: Line 51:
  
 
* Building additional challenges that also cover different security domains (e.g. cryptography) or other OWASP Top 10 risks.
 
* Building additional challenges that also cover different security domains (e.g. cryptography) or other OWASP Top 10 risks.
* Integrate the OWASP Hackademic Challenges with other CMS platfroms
+
* Enrich Hackademic CMS with more features and better security
 
* ...
 
* ...
  
 
+
For a list of features we would like implemented you can see our [https://www.owasp.org/index.php/GSoC2013_Ideas#OWASP_Hackademic_Challenges_-_New_challenges_and_Improvements_to_the_existing_ones Google Summer Of Code ideas page]
  
 
==== Project About ====
 
==== Project About ====

Latest revision as of 21:54, 11 April 2013

Main

Hackademic transp logo.png


The OWASP Hackademic Challenges Project is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment.

Download the current version (v.0.1.1) from Google Code. Development version Github Latest changes implemented in the 'next' branch

You can also challenge yourself using the live version hosted here: http://hackademic1.teilar.gr/

Live version in Greek language (includes additional challenges): http://hackademic1.teilar.gr/gr

The OWASP Hackademic Challenges have been now also integrated into the Hacking Lab. You can register and play for FREE the Hackademic Challenges at the Hacking Lab by following this link: https://www.hacking-lab.com/events/registerform.html?eventid=302&uk=

Overview

The Hackademic Challenges implement realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective.

Currently, there are 10 web application security scenarios available.

You can choose to start from the one that you find most appealing,although we suggest to follow the order presented on the first page.We intend to expand the available challenges with additional scenarios that involve cryptography, and even vulnerable systems implemented in download-able virtual machines.


Target Group

Anyone can use the OWASP Hackademic Challenges to test one's knowledge and skills.

Nevertheless, the OWASP Hackademic Challenges have been mainly developed to be used in a live classroom environment. Experience has shown increased interest and engagement from students that actually get to practice application security and see how things work in a realistic environment.

Currently they are successfully used in the security courses of the following universities:

Deployment

The OWASP Hackademic Challenges can be easily deployed to any PHP-capable web server.

Current deployments (http://hackademic1.teilar.gr/) have integrated the OWASP Hackademic Challenges with well-known CMS software (e.g. Joomla) in order to provide a complete e-learning environment, where students can register and monitor their progress as they go through the challenges.

If you need a assistance in setting up the OWASP Hackademic Challenges in your environment, please don't hesitate to contact the project team by posting your inquire on the OWASP Hackademic Challenges project mailing list.

Roadmap

Current project roadmap includes:

  • Building additional challenges that also cover different security domains (e.g. cryptography) or other OWASP Top 10 risks.
  • Enrich Hackademic CMS with more features and better security
  • ...

For a list of features we would like implemented you can see our Google Summer Of Code ideas page

Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Hackademic Challenges Project (home page)
Purpose:
  • The Hackademic Challenges is an open source project that can be used to test and improve one's knowledge of web application security.
  • The Hackademic Challenges project implements realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective.
  • They have been especially designed for use in a classroom environment where they have been proved a valuable educational tool. Using hackademic challenges students have the chance to experience application security in a realistic environment, something that triggers their interest and provokes a lot of interesting discussions.
  • The Hackademic Challenges are currently used in several Universities and have received very positive feedback from both professors and students.
License: TBC
who is working on this project?
Project Leader(s):
Project Contributor(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Main links:
Key Contacts
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
OWASP Hackademic Challenges(EN) v0.1.1 - February 2011 - (download)
Release description:
  • The Hackademic Challenges is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment.
Rating: Yellow button.JPG Not Reviewed - Assessment Details
last reviewed release
Not Yet Reviewed


other releases