A training tool displaying some techniques for secure web app development
sectrain is a program that illustrates some of the security issues common in applications, such as XSS and buffer overflows, along with how to stop them. Currently this shows examples in PHP and
The simplest way to install sectrain is to use the snap
sudo snap install sectrain
Open your browser to your host on port 1984, then choose the secure or insecure links. Try an exploit such as:
You will see how sanitizing the input/output helps solve these issues.
Python Buffer Overflows
There are two examples to look at, pybuffgood and pybuffbad. Sending in too long a string breaks it. Simple, but still a good way to illustrate the point.
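The following is an added example, not sectrain's own pybuffgood or pybuffbad code, showing an unchecked copy into a fixed-size buffer next to a length-checked one. The Record layout, the 8-byte buffer size, the flags field and all function names are assumptions made for illustration.

```python
import ctypes

NAME_LEN = 8  # assumed size of the fixed buffer


class Record(ctypes.Structure):
    """Fixed layout: an 8-byte name buffer followed directly by a flags word."""
    _fields_ = [("name", ctypes.c_char * NAME_LEN), ("flags", ctypes.c_uint32)]


def store_name_bad(rec: Record, data: bytes) -> None:
    """Unchecked copy: trusts len(data), so extra bytes land in rec.flags."""
    # The copy is capped at sizeof(rec) only so the demo stays inside its own
    # object. The cap is not a fix: the name buffer is still overrun.
    count = min(len(data), ctypes.sizeof(rec))
    ctypes.memmove(ctypes.addressof(rec), data, count)


def store_name_good(rec: Record, data: bytes) -> None:
    """Checked copy: reject anything that does not fit the name buffer."""
    if len(data) > NAME_LEN:
        raise ValueError(f"name is {len(data)} bytes, buffer holds {NAME_LEN}")
    rec.name = data


def demo(data: bytes) -> dict:
    """Feed the same input to both versions and report what happened."""
    bad, good = Record(), Record()
    store_name_bad(bad, data)
    try:
        store_name_good(good, data)
        rejected = False
    except ValueError:
        rejected = True
    return {"bad_flags": bad.flags, "good_flags": good.flags, "rejected": rejected}


if __name__ == "__main__":
    print(demo(b"alice"))                        # fits: both versions behave
    print(demo(b"A" * NAME_LEN + b"\x01" * 4))   # constructed over-long input
```

With the over-long input the unchecked version silently changes the neighbouring flags field, while the checked version refuses the input and leaves the record untouched.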
Snaps are applications packaged with all their dependencies to run on all popular Linux distributions from a single build. They update automatically and roll back gracefully.
Snaps are discoverable and installable from the Snap Store, an app store with an audience of millions.
Snap is available for Linux Mint 18.2 (Sonya), Linux Mint 18.3 (Sylvia), Linux Mint 19 (Tara), Linux Mint 19.1 (Tessa) and the latest release, Linux Mint 20 (Ulyana).
You can find out which version of Linux Mint you’re running by opening System info from the Preferences menu.
On Linux Mint 20, /etc/apt/preferences.d/nosnap.pref needs to be removed before Snap can be installed. This can be accomplished from the command line: