Giters

giadagabriele / COD-project

Cyber Offense and Defense Project - Università della Calabria

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

attack-defensebackendchallengeclient-sidecyber-securitycyberdefensecybersecurityportswiggerportswigger-labspythonscriptscriptssecurityserver-sideflask

COD-project

Cyber Offense and Defense Project - Università della Calabria

Chosen challenges from PortSwigger:

Client-side - CSRF where token validation depends on request method
Server-side - Blind OS command injection with output redirection
Expert - Exploiting XXE to retrieve data by repurposing a local DTD

Used in scripts:
https://github.com/Textualize/rich https://github.com/SBoudrias/Inquirer.js https://github.com/tiangolo/typer

Used in backend:
https://github.com/pallets/flask

To run Flask (in terminal)

1. export FLASK_APP=backend.py    
2. export FLASK_ENV=development
3. flask run

You can find a brief explanation of our work here

About

Cyber Offense and Defense Project - Università della Calabria

attack-defensebackendchallengeclient-sidecyber-securitycyberdefensecybersecurityportswiggerportswigger-labspythonscriptscriptssecurityserver-sideflask

Languages

Language:Python 94.8%Language:HTML 5.2%