OWASP Php Security Training

Thank you for visiting OWASP.org. We recently migrated our community to a new web platform and regretably the content for this page needed to be programmatically ported from its previous wiki page. There’s still some work to be done. The historical content can be found here.

Please visit our Page Migration Guide for more information about updating pages for the new website as well as examples of github markdown.

Main

![OWASP_Project_Header.jpg](OWASP_Project_Header.jpg "OWASP_Project_Header.jpg")

OWASP PHP Security Training Project is...

Introduction

The goal of this project is to create an interactive training system, consisting of several units, for PHP developers. Every unit is divided in an attack and a defense part.

Description

The goal of this project is to create an interactive training system, consisting of several units, for PHP developers. Every unit shall be divided in an attack and a defense part. When working through the attack part, the developers will have to strike against a vulnerable application. Through this, they will learn to think like a hacker. Weaknesses to detect and exploit might be XSS, CSRF or SQL Injection, which are listed in the OWASP top 10. While viewing the defense part, the user shall be introduced to securing the vulnerable application, for example by safeguarding the code.

Licensing

OWASP PHP Security Training Project is free to use. It is licensed under the GNU GPL v3 License, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

</td>

Ohloh

</td>

Source Code

Email List

Sign up

News and Events

  • [21 Jan 2015] Poster and Paper is available.

In Print

</td>

What is PHP Security Training

OWASP PHP Security Training Project provides:

OWASP PHP Security Training Project provides:

    • VirtualBox-Machine
    • VirtualBox-Machine
    • Debian Package
    • Debian Package

Informations

Informations

Paper: http://files.timo-pagel.de/php-security-trainig-system/paper.pdf Poster: http://files.timo-pagel.de/php-security-trainig-system/poster2.pdf Presentation: http://files.timo-pagel.de/vortraege/security/phpug_php_security_training_system.pdf (German)

Paper: http://files.timo-pagel.de/php-security-trainig-system/paper.pdf Poster: http://files.timo-pagel.de/php-security-trainig-system/poster2.pdf Presentation: http://files.timo-pagel.de/vortraege/security/phpug_php_security_training_system.pdf (German)

Project Leader

Project Leader

Timo Pagel

Timo Pagel

Ohloh

FAQs

  • How to install OWASP PSeTS?
wget http://files.timo-pagel.de/php-security-trainig-system/php-security-training-system-vagrant.tar
tar xfv php-security-training-system-vagrant.tar
cd vagrant/
vagrant plugin install vagrant-hostsupdater
vagrant up
goto http://guidesystem.local/ in your browser
  • In which languages is OWASP PSeTS translated? So far, it is only available in German.

Acknowledgements

Volunteers

XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • xxx
  • xxx

Others

  • xxx
  • xxx

Road Map and Getting Involved

As of July, the priorities are:

  • Internationalization of existing units
  • UnitTests
  • Enhancement of existing units
  • Creation of more units
  • Java integration
  • Error message: Enhance details
  • Point system
  • Track clicks on the help button/solution to asses the quality of a unit
  • Possibility to reset single units

Project About

NOTOC

Category:OWASP Project Category:OWASP_Builders Category:OWASP_Defenders Category:OWASP_Document


Example

Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.