Kick off the New Year by solving a hands-on adventure to fire up any dulled brain cells, lulled in to hibernation over the last few weeks’ festivities.
Ed Skoudis and Tim Medin created a fun, hands-on technical challenge providing a wonderful piece of learning and a number of marvellous trials to understanding uncover flaws in web applications. We, the defenders, need to understand the attackers approaches in seeking chinks in web application’s armour and manipulate flaws, mis-configuration and untested logic to their own ends; this mischievously engaging, and possibly enraging, puzzle helps build our skills.
Without further to-do, leap forth and battle Mr Skoudis’ and Medin’s Holiday Challenge:
Not sure what tools to use to get started understanding the nooks and crannies of the web applications? Kevin Johnston's, fellow ISC Handler, Samurai Web Testing Framework - a LiveCD focused on web application testing - is a perfect companion for this adventure.
Have fun learning and practicing!
Setting up WTF Samurai on VMware:
 WTF Samurai download http://sourceforge.net/projects/samurai/
Ps the password for WTF Samurai is samurai 
 In case you forget: http://www.whatisthesamuraipassword.com/
Chris Mohan --- Internet Storm Center Handler on Duty
Jan 2nd 2013
6 years ago