/WeHaveSecrets

A sample site used as part of a web security course

Primary LanguageC#MIT LicenseMIT

SecretsRUs

A sample site used as part of a web security workshop. This is current WIP

Intention

The intention of this site is to be used as an example of poor security practices.

As such any security flaw is (hopefully) by design.

This site will be provided to a developer (or group) - and they will be asked to fix those security flaws.

To provide feedback there will a companion project which will, on commit, run the site through a series of pre-developed security attacks.

The developer should work through the security flaws until such point as the companion project fails to exploit the site.

Interested?

Feel free to contact me if you are interested in the final solution.

I plan to run as a workshop with clients - however, I 'm likely to allow anyone to have a go if they want (I'll need to document). More on this once I've got the core project in place