GitHub - OWASP-Ruhrpott/owasp-workshop-burp-session-handling: Broken web app intentionally built with pentesting obstacles

OWASP-Ruhrpott / owasp-workshop-burp-session-handling Public

forked from thomaspatzke/NastyWebHackme

Notifications You must be signed in to change notification settings
Fork 0
Star 1

Broken web app intentionally built with pentesting obstacles

GPL-2.0 license

1 star 8 forks Branches Tags Activity

Star

Notifications

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
static		static
templates		templates
BrokenApp.py		BrokenApp.py
Burp Session Handling.pdf		Burp Session Handling.pdf
BurpSessionHandling.burp-projectopts.json		BurpSessionHandling.burp-projectopts.json
LICENSE		LICENSE
README		README
ServerSideSession.py		ServerSideSession.py

Repository files navigation

INSTALL
=======

1. Install Python 3.4 + virtualenv
2. (optional) virtualenv -p python3 pyenv
3. (optional) . pyenv/bin/activate
4. pip3 install flask

Run
===

1. (if in virtualenv) . pyenv/bin/activate
2. python3 BrokenApp.py
3. Open http://localhost:8001 in your browser

Credentials: user/pass

Burp
====

The file BurpSessionHandling.burp-projectopts.json can be loaded as project
options file and contains session handling rules to solve the challenges
from the slides in Burp Session Handling.pdf.