|Michael Herzberg ee24685234||2 years ago|
|exercises||2 years ago|
|solutions @ 9490958483||2 years ago|
|README.md||2 years ago|
|ruby-primer.md||2 years ago|
This exercise sheet is meant to be followed on a recent GNU/Linux installation and makes use of the terminal. While all necessary commands are provided, a basic understanding if its usage is still required.
In the following, we will use the Damn Vulnerable Grade Management (DVGM) app as
a training target. Before continuing, please familiarize yourself with the app
and ensure that it is listening on
$(hostname) is the host name of your machine as returned by the
command. This is important because some scanners have problems when scanning
loopback addresses such as
If you need to fresh-up your Ruby knowledge, our small Ruby Primer might be a helpful companion.
The folder exercises contains several exercises that illustrate both manual exploration of DVGM and the use of tools such as Brakeman, Arachni, and OWASP ZAP for finding various security vulnerabilities in DVGM.