The latest articles on Forem by Aslan Dukaev (@dukaev). https://forem.com/dukaev https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F70682%2Fcd52d676-b005-4ca3-8d1c-edafd150d284.jpg https://forem.com/dukaev en Aslan Dukaev Mon, 23 Sep 2019 19:56:32 +0000 https://forem.com/dukaev/what-was-your-first-pull-request-5920 https://forem.com/dukaev/what-was-your-first-pull-request-5920 <p>Send link of your PR and write few words about it</p> discuss github opensource programming Aslan Dukaev Sat, 14 Sep 2019 20:57:05 +0000 https://forem.com/dukaev/hack-rails-app-13i4 https://forem.com/dukaev/hack-rails-app-13i4 <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--aObGF_DY--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/1o2y3c6dop0e64k3hgpl.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--aObGF_DY--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/1o2y3c6dop0e64k3hgpl.png" alt="Alt Text"></a></p> <p>I found the <a href="https://github.com/OWASP/railsgoat">rails app</a> includes<br> XSS, CSRF, SQL Injection vulnerabilities</p> <h2> Getting Started with Docker </h2> <div class="highlight"><pre class="highlight shell"><code>git clone https://github.com/OWASP/railsgoat <span class="nb">cd </span>railsgoat docker-compose build docker-compose run web rails db:setup docker-compose up </code></pre></div> <p>Open <a href="http://localhost:3000">localhost:3000</a></p> <p>Analyze source code and try to find vulnerabilities.<br> For hints use <a href="https://github.com/OWASP/railsgoat/wiki">wiki</a> and <a href="https://github.com/presidentbeef/brakeman">brakeman</a></p> <p>Happy Hacking!</p> <p>Follow me on <a href="https://github.com/dukaev">GitHub</a></p> ruby rails hack security