Welcome to the Linux Foundation Forum!

Diving into the "Understanding the OWASP® Top 10 Security Threats (SKF100)" course

Hello everyone! 👋

I'm currently diving into the "Understanding the OWASP® Top 10 Security Threats (SKF100)" course and finding it incredibly insightful. This course is deepening my understanding of critical web application vulnerabilities and how to mitigate them effectively.

Feel free say Hi or to introduce yourselves—I'd love to know what brought you here! Also, let’s discuss tools, techniques, or even experiences related to OWASP. If you have questions or ideas, share them here! Let’s make this forum a great resource. 😊. Thank you in advance.

"In a deep ocean, we can alwaysfind a way to keep going and move forward to survive."
Regards.
Marco Trejo.

Comments

  • Hi! everyone!

    i'm currently take this course. i hope that help me to understand this world of cybersecurity, i am senior full stack developer, with knowledge in Flutter, Angular and NestJS, but i need expand my knowledge with this topics.

    I am from Chile, but live in Colombia from this Year, i love my career and I need to learn a lot more.

    Regards
    Mirko Andres Gonzalez Vásquez

  • Hey Mirko! I recently started this course - I really enjoy the content. I wondered if the labs work for you? Burp Suit does not load the labs environment at all for me (no POST requests at all).

  • reinouts
    reinouts Posts: 4

    Hello. I have reached Lab 4.1 about insecure randomness but I'm stuck. I'm running the owasp-skf-lab:threatmodeling container on my machine.
    The instructions ask me to run pip3 install -r requirements.txt but where do I find the requirements.txt file? It's not in the Resources submenu on the left, nor can I find it when I open a terminal inside the container.

  • fcioanca
    fcioanca Posts: 2,364

    Hi @reinouts

    Please check out the Course Resources tab on the Course Support and Other Resources page, where you can find details on how you can access the files.

    Regards,
    Flavia
    Linux Foundation Education

  • reinouts
    reinouts Posts: 4

    The instructions ask me to run pip3 install -r requirements.txt but where do I find the requirements.txt file? It's not in the Resources submenu on the left, nor can I find it when I open a terminal inside the container.

    After some experimenting, I have found that the Python script needs the 'requests' package, which is the only line in requirements.txt that is needed.

    Still, I find Step 2 in the lab confusing. I tried to post the form values automatically by changing the script a little and I believe I succeeded after figuring out that the POST request needs a Content-Type: application/x-www-form-urlencoded header, but it's hard to validate.

  • reinouts
    reinouts Posts: 4

    Hi Flavia,

    Please check out the Course Resources tab on the Course Support and Other Resources page, where you can find details on how you can access the files.

    Do you have a link for me? When I'm in the Training Portal and click the link 'Contact Support' it leads me to a generic support portal. I do not see a Course Support and Other Resources page anywhere.

  • fcioanca
    fcioanca Posts: 2,364

    Hi @reinouts

    It's in the course menu, first chapter. Please see the screenshot below:

    Best,
    Flavia

  • reinouts
    reinouts Posts: 4

    Didn't see it until now, I was looking under Resources. Thanks.

Categories

Upcoming Training