/thesis-ahs

Primary language: Java. License: GNU General Public License v3.0 (GPL-3.0)

Security Training for Web Developers based on OWASP Juice Shop

In this security training, the most critical risks in software applications are presented to teach web developers how to develop a secure web application.
After introducing the Open Web Application Security Project Top 10 (OWASP Top 10), the training describes a selection of the application security risks listed in it, step by step. Each selected risk has its own folder with challenges to solve. In these challenges, course participants have to find various security flaws in OWASP Juice Shop, an intentionally vulnerable web application. The descriptions of these challenges are in the folder Challenges. You can also view a Spring Boot application that shows best practice for implementing the functions that OWASP Juice Shop implements with security flaws: go to the folder Spring Boot Application to run this app.

Presentation

Useful links

Complete documentation about OWASP Juice Shop

The page of the OWASP Juice Shop project in the OWASP Foundation wiki.

The OWASP Top 10: Description of each application security risk in OWASP