|ee24685234||4 years ago|
|exercises||5 years ago|
|solutions@9490958483||4 years ago|
|README.md||5 years ago|
|ruby-primer.md||5 years ago|
DVGM -- Usage and Security Analysis
Introduction / Prerequisites
This exercise sheet is meant to be followed on a recent GNU/Linux installation and makes use of the terminal. While all necessary commands are provided, a basic understanding if its usage is still required.
In the following, we will use the Damn Vulnerable Grade Management (DVGM) app as
a training target. Before continuing, please familiarize yourself with the app
and ensure that it is listening on
$(hostname) is the host name of your machine as returned by the
command. This is important because some scanners have problems when scanning
loopback addresses such as
If you need to fresh-up your Ruby knowledge, our small Ruby Primer might be a helpful companion.
Questions / Challenges
The folder exercises contains several exercises that illustrate both manual exploration of DVGM and the use of tools such as Brakeman, Arachni, and OWASP ZAP for finding various security vulnerabilities in DVGM.