Zeggy Posted May 27, 2010 Share Posted May 27, 2010 Google made a very nice tutorial on website exploits and how to protect against them. http://jarlsberg.appspot.com/ You get your own copy of a buggy website, and follow the instructions to exploit and fix this website. Covers xss, csrf, and much more! The website is written in python so if you use php you may not understand the code, but the underlying principles are the same and these attacks can still be applied to your website! Quote Link to comment Share on other sites More sharing options...
Spudinski Posted May 27, 2010 Share Posted May 27, 2010 I like these types of challenges, but they are intended for different audiences. I would think Python is not the most used language on the web, neither is it designed to be so. It's designed to make life easier for programmers who wants to run and test their programs cross-platform. Anyway, good post. It will help most people here understand more about security. I would rather suggest HackQuest, it covers allot more than just the website part of an system. Quote Link to comment Share on other sites More sharing options...
Zeggy Posted May 27, 2010 Author Share Posted May 27, 2010 I don't know if maybe you misread the description, but this isn't similar to hackquest and other challenge sites. This is mainly a tutorial with some hands-on sections to try stuff out. But it can be treated as an article too. I think the target audience for this site is perfect for the web developers on this forum who want to learn more about web security. Sure, python's not the most popular web dev language but it is just as appropriate for web dev as ruby is. Personally I use python for my own web development and I find it much nicer than using PHP. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.