Saka

Hello, I have prepared an article that will give you information about the Saka project in general.

  1. What’s Saka
  2. Running the Application
  3. Web Vulnerabilities

What’s Saka

Saka is a project developed with .NET Core 3 that contains web vulnerabilities. It can run in a Docker container and also works on environments that support .NET Core 3.

The project is divided into three parts: scope of project, hints, and attack page.

Scope of project

On the homepage of the project, a scenario text welcomes the users. This text was created to explain the scope to testers and help them move in the expected direction.

Hints

Three hints are left to help the tester during the detection of vulnerabilities in the project. As you go from left to right, the detail given in the hints increases.

  • Hint 1: The minimum information about the vulnerability is given as a hint.
  • Hint 2: Some of the words in the payloads used to trigger the vulnerability are given as hints.
  • Hint 3: A direct payload that triggers the vulnerability, or instructions on how to trigger it, is given as a hint.

Attack Page

It is the page that contains the relevant web vulnerability.

Running the Application

This section shows how to run the container pulled from Docker Hub or the Saka project cloned from GitHub.

Docker

docker pull erdemstar/saka:container-name
docker run -d -p 80:80 erdemstar/saka:container-name

Visual Studio 2019 IDE

git clone https://github.com/Erdemstar/Saka
cd project-name
- mouse click on project-name.sln
- devenv project-name.sln (CMD)

Web Vulnerabilities

Saka is a project that contains different web vulnerabilities. You can find out what the existing vulnerabilities are and how they are resolved from the links below.

Cross Site Scripting

Reflected XSS

  • Reflected XSS (Input)
  • Reflected XSS (JS Variable) (soon)
  • Reflected XSS (Referer) (soon)
  • Reflected XSS (Tag Attribute href) (soon)
  • Reflected XSS (User agent) (soon)


Erdemstar