Web War III

About
Hackers attack, coders defend, when you get them together you end up with Web War III. WWIII is designed to put your Web Application attack and defense skills to the test.

Teams
Each team consists of two players, an attacker and a defender. The attacker would be capable of identifying Web Application Vulnerabilities (OWASP Top 10). The defender would be capable of writing secure Java code.

Game Format

The game has two stages:

Stage 1:
Each team is given a VM Ware image containing a web server hosting a vulnerable web application. During this stage each team identifies the vulnerabilities in their application.
They try to fix the identified vulnerabilities by making code changes.

Stage 2:
The IP addresses of the Web Server's of all the teams is announced.
Each team looks for vulnerabilities in the Web Applications of the other teams.
Vulnerabilities found on the opponents' application get positive points.
Vulnerabilities found by the opponents on your application get negative points.

Team with the highest points at the end of Stage 2 wins.

Tools and Equipments

Each team should bring their own laptop with VM Ware installed.
The attacker can use any tools they bring.
The applications come with ESAPI to help the defenders fix the code quicker.

| | | | | | | | | | |