DEV Community

Aslan Dukaev
Aslan Dukaev

Posted on

2 1

Hack Rails with vulnerabilities by OWASP

#ruby #rails #hack #security

Alt Text

I found the rails app includes
XSS, CSRF, SQL Injection vulnerabilities

Getting Started with Docker 

git clone https://github.com/OWASP/railsgoat
cd railsgoat

docker-compose build
docker-compose run web rails db:setup
docker-compose up

Open localhost:3000

Analyze source code and try to find vulnerabilities.
For hints use wiki and brakeman

Happy Hacking!

Follow me on GitHub

Top comments (0)

profile
Sentry
 Promoted

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Read next

trixsec profile image

End Of Series: Mastering Cross-Site Scripting (XSS)

Trix Cyrus -

jetthoughts-dev profile image

Rails 8: Introducing the Built-in Authentication Generator

JetThoughts Dev -

pentest_testing_corp profile image

Fixing Broken Access Control in Laravel: A Step-by-Step Guide with Coding Example

Pentest Testing Corp -

suzuki0430 profile image

Automating Security Hub Findings Summary with Bedrock, Slack Notifications, and Zenhub Task Management

Atsushi Suzuki -