
Project 2 Rough Guidance

This project is designed to invite you into the world of web app pen testing, CTFs, and a hands-on familiarity with today's most important web exploits.

I call it OWASP bingo, and it's a choose-your-own-adventure path through mastering various skills.

I have made the following spreadsheet that you should copy and start to fill out:

It has 11 fillable rows: one for each category of the OWASP Top 10 and one extra for other interesting exploits not covered by the Top 10.

You will get points by solving CTF puzzles that exploit one of the known weaknesses.

But the flag alone is not enough; I want you to make a video of you pulling off the exploit.

Use Zoom or OBS or something, and record to cloud or screen capture a video walk-through teaching the exploit.

Each video you make is worth between 1 and 11 points. Your job is to get at least 50 points, with no more than 10 points per row/category.

Here are the rules for points:

Probably the best strategy is to train on some recent problems, go through the write-ups, then jump in on live CTFs each weekend.

This is not a project that lends itself well to procrastinating. You will struggle if you put this off, as you'll get stuck making 50 videos and not 5.

When done, this SHOULD level you up in a ton of areas and make you feel quite competent. If you're not leveling up in the experience, talk to me.