Play AppSec WarGames
Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.
OAuth’s core purpose is secure delegation of access, but when apps blindly trust any valid token without verifying it, the trust model breaks down.
We built challenges that demonstrate how an adversary can use tokens from one service to impersonate users on completely unrelated platforms, effectively bypassing authentication and hijacking accounts.
The challenges are available in all popular languages:
Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.
Join our secure coding and AppSec community. A discussion board to share and discuss all aspects of secure programming, AppSec, DevSecOps, fuzzing, cloudsec, AIsec code review, and more.
Read more