OWASP Hackademic Challenges project
The '''OWASP Hackademic Challenges''' Project helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controllable and safe environment.
The latest production version is the next branch, the development version is the next-dev branch.
The Hackademic Challenges implement realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective.
Currently, there are 10 web application security scenarios available.
You can choose to start from the one that you find most appealing,although we suggest to follow the order presented on the first page.We intend to expand the available challenges with additional scenarios that involve cryptography, and even vulnerable systems implemented in download-able virtual machines.
The project can be easily deployed to any PHP-capable web server running mysql/mariadb. Just clone the project somewhere in your websites folder (In most linux systems that would be /var/www/) make sure the folder is writable by the webserver, open your browser and visit http://localhost//
Road Map and Getting Involved
We maintain an up to date list of open issues on the platform on our issues
For a list of features we would like implemented you can see either the issues page or our Google Summer Of Code ideas page
Involvement in the development and promotion of the Hackademic Challenges is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:
- Write Documentation
- Write Unit tests
- Develop themes and plugins
- Write Challenges or Articles or contribute security courses
Tips for developers
Hackademic is a young project, however, it's gaining momentum fast. If you are interested in contributing you should follow some basic guidelines.
- The latest development version is the next-dev branch, you should check it out and make all your pull requests there.
- We would really appreciate it if your new features came with unit tests. If you don't know how ask us.
- -- more to follow --
Both channels are very low traffic