Kick off the New Year by solving a hands-on adventure to fire up any dulled brain cells, lulled in to hibernation over the last few weeks festivities.
Ed Skoudis and Tim Medin created a fun, hands-on technical challenge providing a wonderful piece of learning and a number of marvellous trials to understanding uncover flaws in web applications. We, the defenders, need to understand the attackers approaches in seeking chinks in web application this mischievously engaging, and possibly enraging, puzzle helps build our skills.
Without further to-do, leap forth and battle Mr Skoudis and Medins Holiday Challenge:
Not sure what tools to use to get started understanding the nooks and crannies of the web applications? Kevin Johnstons, fellow ISC Handler, Samurai Web Testing Framework - a LiveCD focused on web application testing - is a perfect companion for this adventure.
Have fun learning and practicing!
Setting up WTF Samurai on VMware:
 WTF Samurai download http://sourceforge.net/projects/samurai/
Ps the password for WTF Samurai is samurai 
 In case you forget: http://www.whatisthesamuraipassword.com/
Chris Mohan --- Internet Storm Center Handler on Duty
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.