Приложение: sectrain A training tool displaying some techniques for secure web app development **Overview** sectrain is a program to illustrate some of the security issues common in applications such as XSS and buffer overflows along with how to stop them. Python. Still to be done is include javascript, SQLi and C++ buffer overflows, should be done shortly. **Installation** The simplest way to install sectrain is to use the snap sudo snap install sectrain **Web Starting ** sectrain startweb **Web Stopping** sectrain stopweb **Web Usage ** Open your browser to your host on port 1984, then browse choose the secure or insecure links.
"> You will see how sanitizing the input/output helps solve these issues. **Python Buffer Overflows** There are two examples to look at, pybuffgood and pybuffbad, sending in too long of a string breaks it. sectrain pybuffbad abcdefghijkl sectrain pybuffgood abcdefghijkl Clearly more can be done, but this is just to aid in getting people interested in fixing their code.
|
 |