

Create Custom Labs Using Your Codebase and Security Reports

09/01/2026

At SecDim, all our labs are derived from real public incidents and vulnerabilities. Not every vulnerability or incident is public, though, and that does not mean it cannot become a hands-on lab.

Introducing SecDim Open Source Play SDK

Imagine you’ve just received a penetration test report. One of the findings describes a vulnerability in a service your team owns. The issue is clear, and the remediation guidance is there. Instead of letting that knowledge live only in a PDF, you can turn it into an interactive hands-on lab where every developer practices finding, exploiting and fixing the vulnerability.

With the SecDim Open Source Play SDK, you can recreate the vulnerability exactly as it appears in your code, define what the secure (and still working) state looks like, and make the lab privately available to your colleagues via SecDim Play.

You can also turn any part of your codebase into a custom lab that is tailored to your company's coding conventions, custom libraries, frameworks and design patterns.

How easy is it?

Step one: forking the SDK

Anyone can start by forking the Play SDK repository.

The repository gives you a clear structure to work with and lets you choose the same frameworks you build your products with. If your framework is not there, create a post on Discuss: under your private board if you are an enterprise customer, or in Challenge Builder - Discuss if you are a community creator. We will add it in no time.

Initializing the SDK

Step two: recreate the vulnerable application

Next, write an application that reproduces the vulnerability. This doesn’t have to be a full production service. In most cases, a focused, minimal app is better.

For example, if the report states that there is an XSS vulnerability in your /sayHello endpoint, you can recreate it with a handler like this:

// Deliberately vulnerable: the untrusted "name" parameter is concatenated into an
// HTML response without encoding, so /sayHello?name=<script>alert(1)</script>
// reflects the script into the page.
@RequestMapping(value = "/sayHello", method = RequestMethod.GET)
public ResponseEntity<String> sayHello(@RequestParam(name = "name", required = false) String name) {
    if (name == null || name.isEmpty()) {
        return new ResponseEntity<>("Tell me who to say hello? e.g. /sayHello?name=alice", HttpStatus.OK);
    }
    return new ResponseEntity<>("<h1>Hello, " + name + "</h1>", HttpStatus.OK);
}

Step three: define what “secure” and “usable” means

Every SecDim lab provides usability tests and security tests.

Usability tests ensure that the application works as intended and that the player's security patch does not break its core functionality.

Security tests, on the other hand, carry the attack payloads that exploit the vulnerability.

For the XSS above, for example, a security test could be:

// Security test: send an XSS payload and require the HTML-encoded form in the
// response. It fails while the endpoint reflects the payload unencoded.
@Test
public void test_sayHello_shouldEscapeHtmlResponse() throws Exception {
    this.mockMvc.perform(get("/sayHello").param("name", "<script>alert(1)</script>"))
        .andExpect(status().isOk())
        .andExpect(content().string(containsString("&lt;script&gt;alert(1)&lt;/script&gt;")));
}

This is a crucial part of the lab. The security test is what turns a vague recommendation from a report into something concrete for developers. Security tests must fail while the vulnerability is present and pass only when the issue is fixed properly. Instead of telling developers "this is insecure", the security tests replicate the attack scenarios that exploit the vulnerability and fail if the code is vulnerable. Note that the test above pins one remediation: it expects the payload to come back HTML-encoded, so a patch that strips the tags instead would still fail it. Decide deliberately whether your test checks "the raw payload is not reflected" or "the payload is reflected encoded", and write the assertion accordingly.

Step four: implementing the patch

Write the secure version of the code. This patch represents the correct fix according to your standards, so if your company relies on a specific library for this kind of fix, you can use it in the lab as well.
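The following is an added example, not code from the SecDim Play SDK repository, that puts step three's usability tests and step four's patch together for the /sayHello lab. It assumes a Spring Boot project with spring-boot-starter-web and spring-boot-starter-test on the classpath; the package, class and test names are illustrative, and the controller and the test class would normally live in separate source files (main and test).

```java
// Added example (not from the SecDim Play SDK): patched /sayHello endpoint and
// the usability tests that must keep passing after a player's patch.
// Assumes Spring Boot with spring-boot-starter-web and spring-boot-starter-test.
package example.lab;

import org.hamcrest.Matchers;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import org.springframework.test.web.servlet.result.MockMvcResultMatchers;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.util.HtmlUtils;

// Step four: the patched endpoint (main source set, e.g. HelloController.java).
@RestController
public class HelloController {

    @GetMapping("/sayHello")
    public ResponseEntity<String> sayHello(
            @RequestParam(name = "name", required = false) String name) {
        if (name == null || name.isEmpty()) {
            return ResponseEntity.ok("Tell me who to say hello? e.g. /sayHello?name=alice");
        }
        // Fix: encode the untrusted value for the HTML element context it is
        // placed in. HtmlUtils.htmlEscape turns < > & " ' into entities, so
        // <script>alert(1)</script> is rendered as text, which is exactly what
        // the security test on this page asserts.
        String safeName = HtmlUtils.htmlEscape(name);
        return ResponseEntity.ok()
                .contentType(MediaType.TEXT_HTML)
                .body("<h1>Hello, " + safeName + "</h1>");
    }
}

// Step three: usability tests (test source set, e.g. HelloControllerUsabilityTest.java).
// They describe the behaviour a correct patch must preserve; a "fix" that
// removes the endpoint or changes its normal output fails here.
@WebMvcTest(HelloController.class)
class HelloControllerUsabilityTest {

    @Autowired
    private MockMvc mockMvc;

    @Test
    void greetsAPlainName() throws Exception {
        mockMvc.perform(MockMvcRequestBuilders.get("/sayHello").param("name", "alice"))
                .andExpect(MockMvcResultMatchers.status().isOk())
                .andExpect(MockMvcResultMatchers.content()
                        .string(Matchers.containsString("<h1>Hello, alice</h1>")));
    }

    @Test
    void promptsWhenNameIsMissing() throws Exception {
        mockMvc.perform(MockMvcRequestBuilders.get("/sayHello"))
                .andExpect(MockMvcResultMatchers.status().isOk())
                .andExpect(MockMvcResultMatchers.content()
                        .string(Matchers.containsString("Tell me who to say hello")));
    }
}
```

One caveat when writing usability tests for encoding fixes: do not over-specify the raw bytes. With HtmlUtils.htmlEscape a name such as O'Brien comes back as O&#39;Brien, which the browser renders correctly, but a usability test that asserts the literal apostrophe would reject a correct patch. Assert on inputs that are unaffected by encoding, or accept the encoded form explicitly.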

Running the lab on the platform

Once everything is in place, add the user pi3ch to the repo, and we will make the challenge available on the platform in no time. You define the points for the lab and the hints to guide the users.

Ideas to start?

Recurring findings are great candidates. Look at your bug bounty programs, penetration testing reports, SAST, SCA, DAST findings.

For more details go to: SecDim Play SDK - GitHub

We also reward you

If you are a community contributor, we publish the challenge under your username and we also give you rewards. Check our Reward page.

Turn Your Codebase Into a Learning Lab

By turning your real vulnerabilities, patterns, and fixes into executable labs, you move security knowledge from documents into repeatable learning opportunities.

That is the real value of custom labs. Everyone in your team can practice, break, and learn how to fix your real vulnerabilities.
