Practice before the hunt

One of the major skills a pen tester who wants to pursue bug bounties must have is identifying the most common web vulnerabilities. In this part we introduce some popular vulnerable web applications that will help make this learning journey fun and fruitful.

OWASP Security Ninjas AppSec Training Program

This open source vulnerable web app was built by Shruti Gupta. It is a great training app because it focuses on the top ten vulnerabilities and it is very easy to install and destroy using Docker.

Please download and follow the instructions. We are about to begin our hunting adventure.

Running OWASP Security Ninjas Appsec

For this part, you will need to install Docker on your machine.

Once done, open your Docker terminal and run 'docker run -d -p 8899:80 opendns/security-ninjas'.

Check your boot2docker IP address, then browse to port 8899 on that address.

And voilà! Ready for hunting.
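The steps above as a start/stop helper, added here as an example; it is not part of the original post or of the Security Ninjas project. It assumes a native Docker Engine or Docker Desktop rather than boot2docker, plus curl. The container name and function names are made up for this example, and the port is published on 127.0.0.1 by default so the deliberately vulnerable app is not reachable from other hosts.

```shell
#!/bin/sh
# Added example: source this file, then call lab_start / lab_stop.
# Assumes a local Docker Engine or Docker Desktop (not boot2docker) and curl.
IMAGE="opendns/security-ninjas"   # image name from the page
NAME="security-ninjas-lab"        # container name chosen for this example
HOST_PORT=8899                    # host port from the page

# Build the value for 'docker run -p'. Defaults to loopback and refuses
# wildcard addresses, which would expose the lab on every interface.
publish_arg() {
    bind_addr="${1:-127.0.0.1}"
    case "$bind_addr" in
        0.0.0.0|"::")
            echo "refusing to publish the lab on all interfaces" >&2
            return 1 ;;
    esac
    printf '%s:%s:80' "$bind_addr" "$HOST_PORT"
}

# URL the lab is served on for a given bind address.
lab_url() {
    printf 'http://%s:%s/' "${1:-127.0.0.1}" "$HOST_PORT"
}

# Start the container, then poll until the web server answers (about 30 s).
lab_start() {
    pub=$(publish_arg "${1:-}") || return 1
    docker run -d --rm --name "$NAME" -p "$pub" "$IMAGE" >/dev/null || return 1
    i=0
    while [ "$i" -lt 30 ]; do
        # Any HTTP response counts as "up"; only connection errors fail.
        if curl -s -o /dev/null --max-time 2 "$(lab_url "${1:-}")"; then
            echo "lab ready at $(lab_url "${1:-}")"
            return 0
        fi
        i=$((i + 1))
        sleep 1
    done
    echo "lab did not come up; check: docker logs $NAME" >&2
    return 1
}

# Destroy the lab: --rm on 'docker run' removes the container once stopped.
lab_stop() {
    docker stop "$NAME" >/dev/null
}
```

After a practice session, `lab_stop` leaves nothing behind except the pulled image, which `docker rmi opendns/security-ninjas` removes.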