Secure File Location Handling - Build.Attack.Fix Games
Details
Hello OWASP Melbourne,
Following our last challenge being well received, we're back with another challenge and have ramped up the stakes. Brought to you in collaboration with Dr. Pedram from SecDim, this time it's a King of the Hill style challenge. Build your app, attack others' apps, and iterate on improving your defences.
How will this work?
This is a battle challenge. You have limited time to address the security vulnerabilities in your code. Once you push your code, you enter the battle page where you can hack other players' apps. Anytime you successfully hack a player's app, you need to extract the flag. You then submit the flag to get the score. The earlier you defend your app or hack another player's, the higher your ranking will be.
NOTE: If a player hacks your app, you will lose the score and get kicked out of the battle page. You may try again.
No presentation, no lecture. This is a hands-on session to up-skill in secure programming. Please bring your laptop with your development environment set up and ready to go, so that you can jump right into the action.
We will explore these weaknesses:
- CWE-35 and CWE-23
Agenda:
- 6:00-6:10 Welcome
- 6:10-7:30 Let the battle begin.
This event is not catered, but you're welcome to bring your own food along.
Prepare:
If you are a first timer, get your workstation set up by completing any of the "Start Here" levels on https://play.secdim.com (SecDim Play is a training game for secure programming).
Contribute: Help to foster the community by contributing a secure programming challenge. Follow the guide at https://github.com/secdim/play-sdk.
Keep in touch:
Keep the conversation going. OWASP Melbourne is on the [AppSec ANZ Discord](https://discord.gg/uAWze2B) where you can meet up with others interested in AppSec and secure development.
Hybrid event:
If you're attending in person, please RSVP (and update it if you are no longer able to go) as venue space is very limited. We will update this listing here with the video conference link closer to the event:
https://meet.google.com/oej-hjsp-uwe
Required Equipment
Please bring your own laptop, set up as described above, along to the event. There is free wifi, but without your own laptop, you won't be able to participate.
PS. This is a joint community event with SecDim.
Other Information
What is OWASP?
The Open Worldwide Application Security Project® (OWASP) is a volunteer-run, nonprofit foundation that works to improve the security of software. Through community-led open source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.
Find out more?
Meetup.com Page: https://www.meetup.com/Application-Security-OWASP-Melbourne/
About the Chapter: https://owasp.org/www-chapter-melbourne/
Join the AppSec ANZ Discord: https://discord.gg/uAWze2B
