Hello, I have prepared an article that will give you information about the Saka project in general.
- What’s Saka
- Running the Application
- Web Vulnerabilities
What’s Saka
Saka is a project that can run on a docker container developed with .Net Core 3 which contains web vulnerabilities and also works on environments that support .Net Core 3.
It is divided into three as scope of project, hints and attack page.
Scope of project
On the homepage of the project, a scenario text welcomes the users. This text was created to help testers on the project explain the scope and move in the expected direction.
Hints
Three hints are left to help the tester during the detection of vulnerabilities in the project. As you go from left to right, the detail given in the clues increases.
- Hint 1 : The minimum information about the vulnerability is given as hint.
- Hint 2 : Some of the words in the payloads used to trigger the vulnerability are given as hints.
- Hint 3 : A direct payload for the vulnerability to happen or instructions on how to do it, is given as hint.
Attack Page
It is the page that contains the relevant web vulnerability.
Running the Application
It is the part that shows how to run the container pulled from Docker hub or the Saka project cloned via github.
Docker
docker pull erdemstar/saka:container-name
docker run -d -p 80:80 erdemstar/saka:container-name
Visual Studio 2019 IDE
git clone https://github.com/Erdemstar/Saka
cd project-name
- mouse click on project-name.sln
- devenv project-name.sln (CMD)
Web Vulnerabilities
Saka is a project that contains different web vulnerabilities. You can find out what the existing vulnerabilities are and how they are resolved from the links below.
Cross Site Scripting
Reflected XSS