Hacking Web App Security
As part of Bob Allen's Code Craftman Saturdays, we had Shanti Suresh present a hands-on workshop at Pillar Technology's Forge 4.0 location in Ann Arbor. Her class shed some light on what cool computer hackers mean when they say they are going to hack into a system.

[Image: Bob Allen and Shanti Suresh]

For this workshop, which ran 5 keyboard hours, we started with an introduction to the different terms such as

Phase 1: Introduction to security

Shanti spoke about when and why security became an important aspect of application development and gave a brief overview of the following.

Security
Authentication
Authorization

Next we got down and dirty.

Phase 2: Setting up with Zap

Using primarily two tools, WebGoat 6.0.1 and Zap (beware of using Zap... it makes your computer vulnerable when connected to an external network or the internet), we were able to do some SQL injection and bypass security. We set up Zap to intercept traffic ...