Overview sectrain is a program to illustrate some of the security issues common in applications such as XSS and buffer overflows along with how to stop them. Currently this shows example in PHP and Python.
The simplest way to install sectrain is to use the snap
sudo snap install sectrain
Open your browser to your host on port 1984, then browse choose the secure or insecure links. Try an exploit such as :
You will see how sanitizing the input/output helps solve these issues.
Python Buffer Overflows
There are two examples to look at, pybuffgood and pybuffbad, sending in too long of a string breaks it. Simple, but still a good way to illustrate the point.
sectrain pybuffbad abcdefghijkl sectrain pybuffgood abcdefghijkl
Clearly more can be done, but this is just to aid in getting people interested in fixing their code.
Generate an embeddable card to be shared on external websites.
Choose your Linux distribution to get detailed installation instructions. If yours is not shown, get more details on the installing snapd documentation.
Is there a problem with sectrain? Report this app
Thanks for bringing this to our attention. Information you provided will help us investigate further.
There was an error while sending your report. Please try again later.