Practice before the hunt
One of the major skills a pen tester must have willing to persue Bug bounties,is identifying the most common web vulnerabilities. For this part we will introduce the reader, to some popular web vulnerable applications, that will help make this learning and journey fun and fruitful
OWASP Security Ninjas AppSec Training Program
This open source vulnerable web app was built by Shruti Gupta. It is a great training app because it focuses on the top ten vulnerabilities and it is very easy to install and destroy using docker.
Please download and follow the instructions. We are about to begin our hunting adventure.
Running OWASP Security Ninjas Appsec
For this part, you will need to install Docker in your machine</br>
Once done, open your docker terminal an run ‘docker run -d -p 8899:80 opendns/security-ninjas’
Check your boot2docker ip address
And voila! ready for hunting.