27

I am currently taking a cybersecurity course and as the topic of my project I chose pentesting. I am aware there are CTFs and intentionally vulnerable applications, but I thought it would be interesting and fun to audit projects of other people who are also just students and/or learning programming.

If you have a webapp, mobile application or any other internet connected project that has enough of an attack surface then I would love to get in touch and possibly pentest it. Of course I'd report any issues I'd find so hopefully it would benefit both parties.

I also do pentesting as my job, so I am not a total newbie. If you have any questions feel free to reply here or DM me. If you are scared of letting someone you don't know pentest your application (which is understandable) I can also help with setting up a testing environment, creating mock data, etc.

Thanks in advance!

top 3 comments
sorted by: hot top controversial new old
[-] abbadon420@lemm.ee 12 points 2 months ago

This is a lot of fun. I work for a small university that has a software development course and a cyber security course. Every once in a while we pair some of the brighter students so the cs guys and girls can try to hack the sd projects. They always succeed, but it's always a very fun lesson for both parties.

[-] ashie@lemmy.dbzer0.com 5 points 2 months ago* (last edited 2 months ago)

They always succeed

well student code is student code, but you can tell them that the code of big corporations is probably worse (speaking from experience as a pentester)

What you said sounds really cool tho, although probably too late for my usecase I will bring it up to my teacher as a suggestion for maybe next year. I tried asking students from my school about this by myself but didn't have much luck. It is cool to hear that your school does something like this. From my experience with mine and some of the teachers I think when I suggest this it will fall on deaf ears anyway... each subject has an end of the semester survey asking for suggestions and I have never seen any of them ever implemented or considered.

[-] Jestzer@lemmy.world 5 points 2 months ago

I have a few programs that will reach out to the internet when the user explicitly checks for updates. Feel free to rip apart my amateur projects: https://github.com/Jestzer

this post was submitted on 28 Sep 2024
27 points (100.0% liked)

Programming

17662 readers
422 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev



founded 2 years ago
MODERATORS