You'll need the following to run the Rift application:
- PHP 5.5 or newer installed locally (and available to Apache, if you plan to run it there)
- SQLite support in PHP, plus the sqlite3 command-line tool used to create the database
- An open mind, ready to learn about web application security!
You can either use the included setup script:
./setup.sh
or you can perform the same steps manually:
chmod -R 777 data/
/usr/bin/sqlite3 data/rift.db < init.sql
Note that chmod -R 777 makes data/ world-writable. That is acceptable for a throwaway local lab, but not on a shared or Internet-facing host: the web server only needs write access to the data/ directory (SQLite keeps its journal files next to the database) and to data/rift.db, so giving that directory to the web server's user or group is the safer option.
You'll also need to install the dependencies with Composer so from the root directory run:
composer install
You'll need to have Composer set up already to run this; the Composer site has a good install guide for that.
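Putting the requirement check, database creation and permission steps above into one script, here is a hardened setup script as an added example (it is not the project's own setup.sh). It refuses to run on PHP older than 5.5, checks that PHP has an SQLite extension, creates data/rift.db from init.sql, and hands the data/ directory to the web server's group with modes 0770/0660 instead of chmod -R 777. The WEB_GROUP default (www-data), the extension names it checks (pdo_sqlite or sqlite3), the `run` argument and the file name setup-rift.sh are assumptions made for this example, not facts from the Rift README.

```shell
#!/bin/sh
# setup-rift.sh: hardened stand-in for the manual steps (added example, not the
# project's own setup.sh). Run from the repository root as:  sh setup-rift.sh run
# Assumptions (not from the Rift README): the web server runs as a member of
# WEB_GROUP (www-data on Debian/Ubuntu, apache on RHEL-style systems), and the
# application talks to SQLite through PHP's pdo_sqlite or sqlite3 extension.
set -eu

WEB_GROUP="${WEB_GROUP:-www-data}"
DATA_DIR="${DATA_DIR:-data}"
DB_FILE="$DATA_DIR/rift.db"
INIT_SQL="${INIT_SQL:-init.sql}"

# True when a PHP version string ("7.4.33", "8.3.0-dev", "5.4.45") is >= 5.5.
php_version_ok() {
    major=$(printf '%s' "$1" | cut -d. -f1 | tr -dc '0-9')
    minor=$(printf '%s' "$1" | cut -s -d. -f2 | tr -dc '0-9')
    major=${major:-0}
    minor=${minor:-0}
    if [ "$major" -gt 5 ]; then return 0; fi
    if [ "$major" -eq 5 ] && [ "$minor" -ge 5 ]; then return 0; fi
    return 1
}

# True when the php binary in PATH has an SQLite extension loaded.
php_has_sqlite() {
    php -r 'exit(extension_loaded("pdo_sqlite") || extension_loaded("sqlite3") ? 0 : 1);'
}

# Create the database from the schema file unless it already exists; an
# existing database is never silently overwritten (delete it to start over).
init_db() {
    db="$1"
    sql="$2"
    if [ ! -f "$sql" ]; then
        echo "schema file $sql not found" >&2
        return 1
    fi
    if [ -e "$db" ]; then
        echo "$db already exists; leaving it untouched" >&2
        return 0
    fi
    mkdir -p "$(dirname "$db")"
    sqlite3 "$db" < "$sql"
}

# Replacement for chmod -R 777: the web server needs write access to the
# directory (SQLite keeps its journal/WAL files beside the database) and to
# the .db file, and nobody else does. Ownership stays with the deploying user;
# the server's group gets rw via 0770 on the directory and 0660 on the database.
lock_down_data() {
    dir="$1"
    group="$2"
    mkdir -p "$dir"
    chgrp -R "$group" "$dir" 2>/dev/null \
        || echo "warning: group $group not found; ownership left unchanged" >&2
    chmod 0770 "$dir"
    if [ -e "$dir/rift.db" ]; then
        chmod 0660 "$dir/rift.db"
    fi
}

main() {
    command -v php >/dev/null 2>&1 || { echo "php not found in PATH" >&2; return 1; }
    v=$(php -r 'echo PHP_VERSION;')
    php_version_ok "$v" || { echo "PHP $v found; 5.5 or newer is required" >&2; return 1; }
    php_has_sqlite || { echo "PHP has neither pdo_sqlite nor sqlite3 loaded" >&2; return 1; }
    command -v sqlite3 >/dev/null 2>&1 || { echo "sqlite3 command not found" >&2; return 1; }
    init_db "$DB_FILE" "$INIT_SQL"
    lock_down_data "$DATA_DIR" "$WEB_GROUP"
    if command -v composer >/dev/null 2>&1; then
        composer install
    else
        echo "composer not found; run 'composer install' once it is installed" >&2
    fi
    echo "Rift is set up: $DB_FILE is group $WEB_GROUP, modes 0770 (dir) / 0660 (db)"
}

case "${1:-}" in
    run) main ;;
    *)   echo "usage: sh $0 run    (WEB_GROUP=apache sh $0 run on RHEL-style systems)" >&2 ;;
esac
```

The explicit `run` argument is there so that sourcing or accidentally executing the file does nothing destructive; the permission function deliberately leaves the owner alone and only changes the group, so the account you deploy from keeps full access while the web server gets exactly the read/write it needs.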
You can start up the application in two different ways. You can either use the built-in PHP web server:
cd public
php -S localhost:8111
or you can set up a VirtualHost in Apache pointing it to the public/ directory (with your own paths substituted in, of course):
<VirtualHost *:80>
ServerName phparch.localhost
DocumentRoot /var/www/phparch/public
ErrorLog "/var/log/www/phparch-error_log"
</VirtualHost>
and add it to your /etc/hosts, pointing the name at the machine Apache runs on (127.0.0.1 if that is your own machine):
192.168.0.1 phparch.localhost
Each of the lessons in Rift can be found under the "Exercises" option in the menubar at the top of the site. Topics currently covered are:
- Cookie security
- Remember Me handling
- Forgot Password
- File Uploads
- Password Hashing
- Rate Limiting
- Cross-Site Scripting (XSS)
- SQL Injection (SQLi)
- Cross-Site Request Forgery (CSRF)
- Direct Object Reference
- Remote File Include (RFI)
- Local File Inclusion (LFI)
- Open Redirect
- If you get database errors, be sure you've created the database with the sqlite3 command above.
- Be sure the data/rift.db file (and the data/ directory, where SQLite writes its journal files) can be written to by the web server user.
- If you don't already have Composer, you can get it from https://getcomposer.org
- Open Web Application Security Project - OWASP
- OWASP Top 10
- Websec.io
- Duo Security (push/SMS for TFA)
- Authy (push/SMS for TFA)
- sqlmap for SQL injection testing
- John the Ripper for password cracking
- Let's Encrypt for free SSL/TLS certificates
- password_hash polyfill - password_compat
- Zend Framework ACL component
- Laravel authorization
- Symfony security
- defuse-php encryption library
- iniscan for security scanning the php.ini
- Google reCAPTCHA
- Breakout escaping library
- Zend\Escaper component
- Skipfish
- Burp Suite
- OWASP ZAP
- psecio/versionscan for finding vulnerabilities related to your PHP version
- Kali Linux distribution
- Symfony security advisories
- content-security-policy.com
- Google on Content Security Policy
- XSSHunter.com