SlideShare una empresa de Scribd logo

Making of GameOver

n|u - The Open Security Community
n|u - The Open Security Community

null Mumbai Chapter - August 2012 Meet

EducaciónTecnología
1 de 17
Descargar para leer sin conexión
The making of .... GameOver --Presented by Jovin Lobo
Agenda ● What is GameOver ?? ● Idea behind its creation. ● Voyage Linux / Backbone of GameOver. ● Contents / Those incredible web apps. ● Walkthrough. ● Response. ● RoadMap. ● How you could contribute ......
What's GameOver ??? ● A webserver hosting deliberately vulnerable web apps. ● A place to begin learning Web Security. ● A place for “rookie-hackers” to improve their skills.
● Objective: “Building a platform for training and educating newbies about the basics of web security and educating them about some of the common web attacks.”
The path.... ● A minimilistic Linux distro was needed. ● Why Voyage Linux ??? ● Finding the right web applications . ● Compilation and conversion into the .iso images. ● Announcements via mailing lists.
The path.... ● A minimilistic Linux distro was needed. ● Why Voyage Linux ??? ● Finding the right web applications . ● Compilation and conversion into the .iso images. ● Announcements via mailing lists.
Why Voyage ?? ● Minimalistic ( Typical installation requires 128MB disk space). ● Open Source. ● Stable , well maintained by the community. ● Debian based. ● More info : http://linux.voyage.hk/
Web Apps included ... ● Section 1: ● Section 2: – DVWA – Hackademic Challenges – WebGoat – Vicnum – Mutillidae – Wackopicko – Ghost – Insecure web App – ZAP-Wave – BodgeIt – PuzzleMall – WAVSEP
Walk Through Base OS – Voyage 0.8 ● Open Source Minimalistic Debian Based Well maintained by community VM environment - VM Ware Virtual Player 4.0 ● Updated Voyage ● Installation of LAMP Server ● Apache2 MySQL PHP5
● Applications running on Apache Web Server : DVWA, Ghost, Mutillidae, Hackademic, Vicnum and Wackopicko. ● Applications running on Apache Tomcat : Web Goat, BodgeIT, PuzzleMall, Zap-Wave, Insecure Web App, and WAVSEP. ● Used WebGoat's Tomcat Server ( /var/www/WebGoat-5.2/tomcat/webapps) ● Conversion of VM into the .iso image : Used the tool Remastersys
Release ● GameOver was launched as an official Null Community Project. (14/06/2012) ● GPLv3 Licensed. ● Notifying the concerned authors and developers of the various Web Applications.
Response after release... As of 21st August 2012...
Road Map ● Resolving the installation issue (obviously). ● Inclusion of more Vulnerable Web Apps. ● Inclusion of System Level CTF's. ● Improved UI. ● Acting on the various inputs/bugs reported.
How can you Contribute ?? ● Report Bugs. ● Suggest new Web Apps/ ideas. ● Develop Web apps for learning security.
GameOver .... .... and  Prosper 

Recomendados

Vagrant hands on workshop for beginners
Vagrant hands on workshop for beginnersVagrant hands on workshop for beginners
Vagrant hands on workshop for beginners
Liora Milbaum
 
Vagrant 101 Workshop
Vagrant 101 WorkshopVagrant 101 Workshop
Vagrant 101 Workshop
Liora Milbaum
 
Easy WP Dev environments with VVV
Easy WP Dev environments with VVVEasy WP Dev environments with VVV
Easy WP Dev environments with VVV
Daniel Stout
 
Ohio Linux Fest 2013: Provisioning VMs Quickly with Vagrant and CFEngine
Ohio Linux Fest 2013: Provisioning VMs Quickly with Vagrant and CFEngineOhio Linux Fest 2013: Provisioning VMs Quickly with Vagrant and CFEngine
Ohio Linux Fest 2013: Provisioning VMs Quickly with Vagrant and CFEngine
Nick Anderson
 
WPE, a New WebKit Port Optimised for Embedded (IBC 2017)
WPE, a New WebKit Port Optimised for Embedded (IBC 2017)WPE, a New WebKit Port Optimised for Embedded (IBC 2017)
WPE, a New WebKit Port Optimised for Embedded (IBC 2017)
Igalia
 
Open source and .net
Open source and .netOpen source and .net
Open source and .net
Hrvoje Hudoletnjak
 
Realtime rocks
Realtime rocksRealtime rocks
Realtime rocks
Vanbosse
 
Virtualization for Developers
Virtualization for DevelopersVirtualization for Developers
Virtualization for Developers
John Coggeshall
 

Recomendados

Vagrant hands on workshop for beginners
Vagrant hands on workshop for beginnersVagrant hands on workshop for beginners
Vagrant hands on workshop for beginners
Liora Milbaum
 
Vagrant 101 Workshop
Vagrant 101 WorkshopVagrant 101 Workshop
Vagrant 101 Workshop
Liora Milbaum
 
Easy WP Dev environments with VVV
Easy WP Dev environments with VVVEasy WP Dev environments with VVV
Easy WP Dev environments with VVV
Daniel Stout
 
Ohio Linux Fest 2013: Provisioning VMs Quickly with Vagrant and CFEngine
Ohio Linux Fest 2013: Provisioning VMs Quickly with Vagrant and CFEngineOhio Linux Fest 2013: Provisioning VMs Quickly with Vagrant and CFEngine
Ohio Linux Fest 2013: Provisioning VMs Quickly with Vagrant and CFEngine
Nick Anderson
 
WPE, a New WebKit Port Optimised for Embedded (IBC 2017)
WPE, a New WebKit Port Optimised for Embedded (IBC 2017)WPE, a New WebKit Port Optimised for Embedded (IBC 2017)
WPE, a New WebKit Port Optimised for Embedded (IBC 2017)
Igalia
 
Open source and .net
Open source and .netOpen source and .net
Open source and .net
Hrvoje Hudoletnjak
 
Realtime rocks
Realtime rocksRealtime rocks
Realtime rocks
Vanbosse
 
Virtualization for Developers
Virtualization for DevelopersVirtualization for Developers
Virtualization for Developers
John Coggeshall
 
Using vagrant for developing and testing puppet modules
Using vagrant for developing and testing puppet modulesUsing vagrant for developing and testing puppet modules
Using vagrant for developing and testing puppet modules
Kristian Houlberg Øllegaard
 
Gestión de la configuración - Jenkins ci
Gestión de la configuración - Jenkins ciGestión de la configuración - Jenkins ci
Gestión de la configuración - Jenkins ci
Carles San Agustin
 
Intro to Node.js (v1)
Intro to Node.js (v1)Intro to Node.js (v1)
Intro to Node.js (v1)
Chris Cowan
 
Mobile Virtualization Management
Mobile Virtualization ManagementMobile Virtualization Management
Mobile Virtualization Management
Yaniv Bronhaim
 
Tomboy Web Sync Explained
Tomboy Web Sync ExplainedTomboy Web Sync Explained
Tomboy Web Sync Explained
Mohan Krishnan
 
Waylandifying Chromium: From downstream to shipping (ELCE 2020)
Waylandifying Chromium: From downstream to shipping (ELCE 2020)Waylandifying Chromium: From downstream to shipping (ELCE 2020)
Waylandifying Chromium: From downstream to shipping (ELCE 2020)
Igalia
 
FreeBSD hosting
FreeBSD hostingFreeBSD hosting
FreeBSD hosting
punkt.de GmbH
 
Ruby Installation
Ruby InstallationRuby Installation
Ruby Installation
SHC
 
Fixing Gaps. Strengthening the Chromium platform for content blocking
Fixing Gaps. Strengthening the Chromium platform for content blockingFixing Gaps. Strengthening the Chromium platform for content blocking
Fixing Gaps. Strengthening the Chromium platform for content blocking
Igalia
 
An Introduction to Node.js Development with Windows Azure
An Introduction to Node.js Development with Windows AzureAn Introduction to Node.js Development with Windows Azure
An Introduction to Node.js Development with Windows Azure
Troy Miles
 
OSDC 2008 talk: An open source "YouTube"
OSDC 2008 talk: An open source "YouTube"OSDC 2008 talk: An open source "YouTube"
OSDC 2008 talk: An open source "YouTube"
Silvia Pfeiffer
 
WebAssembly Fundamentals
WebAssembly FundamentalsWebAssembly Fundamentals
WebAssembly Fundamentals
Knoldus Inc.
 
Yahoo! Mojito talk on Agency Hackday
Yahoo! Mojito talk on Agency HackdayYahoo! Mojito talk on Agency Hackday
Yahoo! Mojito talk on Agency Hackday
Gaurav Vaish
 
Apidaze WebRTC Workshop barcelona 21st april 2013
Apidaze WebRTC Workshop barcelona 21st april 2013Apidaze WebRTC Workshop barcelona 21st april 2013
Apidaze WebRTC Workshop barcelona 21st april 2013
Alan Quayle
 
Open Web Device: The first phone running Firefox OS!
Open Web Device: The first phone running Firefox OS!Open Web Device: The first phone running Firefox OS!
Open Web Device: The first phone running Firefox OS!
Francisco Jordano
 
Vim
VimVim
Vim
Kristaps Kūlis
 
What the HACK is HHVM?
What the HACK is HHVM?What the HACK is HHVM?
What the HACK is HHVM?
Hean Hong Leong
 
Vagrant
VagrantVagrant
Vagrant
ProfessionalVMware
 
Docker off the grid
Docker off the gridDocker off the grid
Docker off the grid
Mirantis IT Russia
 
Vagrant step-by-step guide for Beginners
Vagrant step-by-step guide for BeginnersVagrant step-by-step guide for Beginners
Vagrant step-by-step guide for Beginners
Sagar Acharya
 
Headless Android at AnDevCon3
Headless Android at AnDevCon3Headless Android at AnDevCon3
Headless Android at AnDevCon3
Opersys inc.
 
B wapp – bee bug – installation
B wapp – bee bug – installationB wapp – bee bug – installation
B wapp – bee bug – installation
Ronan Dunne, CEH, SSCP
 

Más contenido relacionado

La actualidad más candente

Open Web Device: The first phone running Firefox OS!
Open Web Device: The first phone running Firefox OS!Open Web Device: The first phone running Firefox OS!
Open Web Device: The first phone running Firefox OS!
Francisco Jordano
 

La actualidad más candente (20)

Using vagrant for developing and testing puppet modules
Using vagrant for developing and testing puppet modulesUsing vagrant for developing and testing puppet modules
Using vagrant for developing and testing puppet modules
 
Gestión de la configuración - Jenkins ci
Gestión de la configuración - Jenkins ciGestión de la configuración - Jenkins ci
Gestión de la configuración - Jenkins ci
 
Intro to Node.js (v1)
Intro to Node.js (v1)Intro to Node.js (v1)
Intro to Node.js (v1)
 
Mobile Virtualization Management
Mobile Virtualization ManagementMobile Virtualization Management
Mobile Virtualization Management
 
Tomboy Web Sync Explained
Tomboy Web Sync ExplainedTomboy Web Sync Explained
Tomboy Web Sync Explained
 
Waylandifying Chromium: From downstream to shipping (ELCE 2020)
Waylandifying Chromium: From downstream to shipping (ELCE 2020)Waylandifying Chromium: From downstream to shipping (ELCE 2020)
Waylandifying Chromium: From downstream to shipping (ELCE 2020)
 
FreeBSD hosting
FreeBSD hostingFreeBSD hosting
FreeBSD hosting
 
Ruby Installation
Ruby InstallationRuby Installation
Ruby Installation
 
Fixing Gaps. Strengthening the Chromium platform for content blocking
Fixing Gaps. Strengthening the Chromium platform for content blockingFixing Gaps. Strengthening the Chromium platform for content blocking
Fixing Gaps. Strengthening the Chromium platform for content blocking
 
An Introduction to Node.js Development with Windows Azure
An Introduction to Node.js Development with Windows AzureAn Introduction to Node.js Development with Windows Azure
An Introduction to Node.js Development with Windows Azure
 
OSDC 2008 talk: An open source "YouTube"
OSDC 2008 talk: An open source "YouTube"OSDC 2008 talk: An open source "YouTube"
OSDC 2008 talk: An open source "YouTube"
 
WebAssembly Fundamentals
WebAssembly FundamentalsWebAssembly Fundamentals
WebAssembly Fundamentals
 
Yahoo! Mojito talk on Agency Hackday
Yahoo! Mojito talk on Agency HackdayYahoo! Mojito talk on Agency Hackday
Yahoo! Mojito talk on Agency Hackday
 
Apidaze WebRTC Workshop barcelona 21st april 2013
Apidaze WebRTC Workshop barcelona 21st april 2013Apidaze WebRTC Workshop barcelona 21st april 2013
Apidaze WebRTC Workshop barcelona 21st april 2013
 
Open Web Device: The first phone running Firefox OS!
Open Web Device: The first phone running Firefox OS!Open Web Device: The first phone running Firefox OS!
Open Web Device: The first phone running Firefox OS!
 
Vim
VimVim
Vim
 
What the HACK is HHVM?
What the HACK is HHVM?What the HACK is HHVM?
What the HACK is HHVM?
 
Vagrant
VagrantVagrant
Vagrant
 
Docker off the grid
Docker off the gridDocker off the grid
Docker off the grid
 
Vagrant step-by-step guide for Beginners
Vagrant step-by-step guide for BeginnersVagrant step-by-step guide for Beginners
Vagrant step-by-step guide for Beginners
 

Similar a Making of GameOver

Toorcon Seattle 2011 - Browser Exploit Packs
Toorcon Seattle 2011 - Browser Exploit PacksToorcon Seattle 2011 - Browser Exploit Packs
Toorcon Seattle 2011 - Browser Exploit Packs
Aditya K Sood
 
How fast can you onboard a new team member with VAGRANT ?
How fast can you onboard a new team member with VAGRANT ?How fast can you onboard a new team member with VAGRANT ?
How fast can you onboard a new team member with VAGRANT ?
Vivek Parihar
 
symfony: An Open-Source Framework for Professionals (PHP Day 2008)
symfony: An Open-Source Framework for Professionals (PHP Day 2008)symfony: An Open-Source Framework for Professionals (PHP Day 2008)
symfony: An Open-Source Framework for Professionals (PHP Day 2008)
Fabien Potencier
 
MonkeySpider at Sicherheit 2008
MonkeySpider at Sicherheit 2008MonkeySpider at Sicherheit 2008
MonkeySpider at Sicherheit 2008
Ali Ikinci
 
DEF CON 20 - Botnets Die Hard - Owned and Operated
DEF CON 20 - Botnets Die Hard - Owned and OperatedDEF CON 20 - Botnets Die Hard - Owned and Operated
DEF CON 20 - Botnets Die Hard - Owned and Operated
Aditya K Sood
 
Dev/Stage/Prod Parity with Vagrant
Dev/Stage/Prod Parity with VagrantDev/Stage/Prod Parity with Vagrant
Dev/Stage/Prod Parity with Vagrant
Mike Bybee
 

Similar a Making of GameOver (20)

Headless Android at AnDevCon3
Headless Android at AnDevCon3Headless Android at AnDevCon3
Headless Android at AnDevCon3
 
B wapp – bee bug – installation
B wapp – bee bug – installationB wapp – bee bug – installation
B wapp – bee bug – installation
 
NCDevCon 2017 - Cross Platform Mobile Apps
NCDevCon 2017 - Cross Platform Mobile AppsNCDevCon 2017 - Cross Platform Mobile Apps
NCDevCon 2017 - Cross Platform Mobile Apps
 
Headless Android
Headless AndroidHeadless Android
Headless Android
 
Toorcon Seattle 2011 - Browser Exploit Packs
Toorcon Seattle 2011 - Browser Exploit PacksToorcon Seattle 2011 - Browser Exploit Packs
Toorcon Seattle 2011 - Browser Exploit Packs
 
How fast can you onboard a new team member with VAGRANT ?
How fast can you onboard a new team member with VAGRANT ?How fast can you onboard a new team member with VAGRANT ?
How fast can you onboard a new team member with VAGRANT ?
 
Titanium Desktop Intro
Titanium Desktop IntroTitanium Desktop Intro
Titanium Desktop Intro
 
Continuous Integration Step-by-step
Continuous Integration Step-by-stepContinuous Integration Step-by-step
Continuous Integration Step-by-step
 
symfony: An Open-Source Framework for Professionals (PHP Day 2008)
symfony: An Open-Source Framework for Professionals (PHP Day 2008)symfony: An Open-Source Framework for Professionals (PHP Day 2008)
symfony: An Open-Source Framework for Professionals (PHP Day 2008)
 
Apache Cordova, Hybrid Application Development
Apache Cordova, Hybrid Application DevelopmentApache Cordova, Hybrid Application Development
Apache Cordova, Hybrid Application Development
 
MonkeySpider at Sicherheit 2008
MonkeySpider at Sicherheit 2008MonkeySpider at Sicherheit 2008
MonkeySpider at Sicherheit 2008
 
Jython on Django
Jython on DjangoJython on Django
Jython on Django
 
DEF CON 20 - Botnets Die Hard - Owned and Operated
DEF CON 20 - Botnets Die Hard - Owned and OperatedDEF CON 20 - Botnets Die Hard - Owned and Operated
DEF CON 20 - Botnets Die Hard - Owned and Operated
 
Development environment agile way
Development environment agile wayDevelopment environment agile way
Development environment agile way
 
Once upon a time, there were css, js and server-side rendering
Once upon a time, there were css, js and server-side renderingOnce upon a time, there were css, js and server-side rendering
Once upon a time, there were css, js and server-side rendering
 
Splunking the JVM
Splunking the JVMSplunking the JVM
Splunking the JVM
 
Android Hacks, Variants, Tricks and Resources ESC SV 2012
Android Hacks, Variants, Tricks and Resources ESC SV 2012Android Hacks, Variants, Tricks and Resources ESC SV 2012
Android Hacks, Variants, Tricks and Resources ESC SV 2012
 
Vagrant - Team Development made easy
Vagrant - Team Development made easyVagrant - Team Development made easy
Vagrant - Team Development made easy
 
Dev/Stage/Prod Parity with Vagrant
Dev/Stage/Prod Parity with VagrantDev/Stage/Prod Parity with Vagrant
Dev/Stage/Prod Parity with Vagrant
 
Magnificent Meteor -By Dipali Vyas (PM Zestard Technologies) for GDG Ahmedaba...
Magnificent Meteor -By Dipali Vyas (PM Zestard Technologies) for GDG Ahmedaba...Magnificent Meteor -By Dipali Vyas (PM Zestard Technologies) for GDG Ahmedaba...
Magnificent Meteor -By Dipali Vyas (PM Zestard Technologies) for GDG Ahmedaba...
 

Más de n|u - The Open Security Community

Más de n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Último

Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Último (20)

Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 

Making of GameOver

  • 1. The making of .... GameOver --Presented by Jovin Lobo
  • 2. Agenda ● What is GameOver ?? ● Idea behind its creation. ● Voyage Linux / Backbone of GameOver. ● Contents / Those incredible web apps. ● Walkthrough. ● Response. ● RoadMap. ● How you could contribute ......
  • 3. What's GameOver ??? ● A webserver hosting deliberately vulnerable web apps. ● A place to begin learning Web Security. ● A place for “rookie-hackers” to improve their skills.
  • 4. Objective: “Building a platform for training and educating newbies about the basics of web security and educating them about some of the common web attacks.”
  • 5. The path.... ● A minimilistic Linux distro was needed. ● Why Voyage Linux ??? ● Finding the right web applications . ● Compilation and conversion into the .iso images. ● Announcements via mailing lists.
  • 6. The path.... ● A minimilistic Linux distro was needed. ● Why Voyage Linux ??? ● Finding the right web applications . ● Compilation and conversion into the .iso images. ● Announcements via mailing lists.
  • 7. Why Voyage ?? ● Minimalistic ( Typical installation requires 128MB disk space). ● Open Source. ● Stable , well maintained by the community. ● Debian based. ● More info : http://linux.voyage.hk/
  • 8. Web Apps included ... ● Section 1: ● Section 2: – DVWA – Hackademic Challenges – WebGoat – Vicnum – Mutillidae – Wackopicko – Ghost – Insecure web App – ZAP-Wave – BodgeIt – PuzzleMall – WAVSEP
  • 9. Walk Through Base OS – Voyage 0.8 ● Open Source Minimalistic Debian Based Well maintained by community VM environment - VM Ware Virtual Player 4.0 ● Updated Voyage ● Installation of LAMP Server ● Apache2 MySQL PHP5
  • 10. Applications running on Apache Web Server : DVWA, Ghost, Mutillidae, Hackademic, Vicnum and Wackopicko. ● Applications running on Apache Tomcat : Web Goat, BodgeIT, PuzzleMall, Zap-Wave, Insecure Web App, and WAVSEP. ● Used WebGoat's Tomcat Server ( /var/www/WebGoat-5.2/tomcat/webapps) ● Conversion of VM into the .iso image : Used the tool Remastersys
  • 11. Release ● GameOver was launched as an official Null Community Project. (14/06/2012) ● GPLv3 Licensed. ● Notifying the concerned authors and developers of the various Web Applications.
  • 12. Response after release... As of 21st August 2012...
  • 13.
  • 14. Road Map ● Resolving the installation issue (obviously). ● Inclusion of more Vulnerable Web Apps. ● Inclusion of System Level CTF's. ● Improved UI. ● Acting on the various inputs/bugs reported.
  • 15. How can you Contribute ?? ● Report Bugs. ● Suggest new Web Apps/ ideas. ● Develop Web apps for learning security.
  • 16.
  • 17. GameOver .... .... and  Prosper