Ken Price's Team
CTF Cyber Range:
Students will build a deliberately vulnerable web application, perhaps a rudimentary learning management system that can be hacked. First, a basic CRUD application is built, then vulnerabilities are introduced to it. Flags (a secret string) are placed in parts of the application that can only be accessed by exploiting the vulnerabilities in the web app (secret in database, in admin page, in source code, etc.) Vulnerabilities can be inspired by past OWASP Top 10s.
Users of the cyber range or CTF can compete with each other by findings flags and earning points by submitting them to some web service that manages the competition. This can be an existing product like CTFd, since it may take too much time to implement a scoreboard *and* a CTF, but can be brought into the scope of the project if there is enough time or developers.
Skills employed: web development (front/backend), knowledge of common web vulnerabilities. Backend will probably be in Java and Frontend may be in React or something else (we can decide as a team).
Students will build a deliberately vulnerable web application, perhaps a rudimentary learning management system that can be hacked. First, a basic CRUD application is built, then vulnerabilities are introduced to it. Flags (a secret string) are placed in parts of the application that can only be accessed by exploiting the vulnerabilities in the web app (secret in database, in admin page, in source code, etc.) Vulnerabilities can be inspired by past OWASP Top 10s.
Users of the cyber range or CTF can compete with each other by findings flags and earning points by submitting them to some web service that manages the competition. This can be an existing product like CTFd, since it may take too much time to implement a scoreboard *and* a CTF, but can be brought into the scope of the project if there is enough time or developers.
Skills employed: web development (front/backend), knowledge of common web vulnerabilities. Backend will probably be in Java and Frontend may be in React or something else (we can decide as a team).
How much experience does your group have? Does the project use anything (art, music, starter kits) you didn't create?
CodeDay Labs team in the advanced track.
Made with 💖 by robots running our open-source software and GraphQL APIs.