Core S2 Software Solutions

Web Application Exploits and Defenses: Google Gruyere

Recently I’ve started working on CoreCodex again; I had to stop at the end of last semester because of school work load. Now that I’m reviewing what I previously wrote, I started to realize I had some smaller security issues, but knew there must be more. No one writes code perfectly without peer-review or at least a good self-review.

Google Gruyere is a powerful little GoogleApp which is a web-security lab taught through the Google Code University. It is similar to a WarGame found on several websites to teach programmers (in this case, web programmers) how to find, break, and fix common security bugs in software. What I find brilliant about this online course is that it is a true “lab”: you can create instances of the target website, attempt your own attacks, and review code as well as implement your own bug-fixes.

I know that at my university, we do not explicitly teach nor even offer a course on web security outside of simple IT / Unix concepts (i.e. user / file permissions with chmod, etc..). I found Google’s Gruyere lab powerful, educational, and best of all: helped me find several vulerabilities on CoreCodex and fix them! Check it out, can you find all the vulnerabilities:

Learn how to make web apps more  secure. Do the Gruyere codelab.

Don’t forget to check out Google University; it has some powerful docs to help out any new and advanced software developer!

This entry was posted in News & Updates. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *


Sites map