A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
📣 SEASON 2 JUST DROPPED! READY TO PLAY? 📣
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code. At the same time, this is an open source project that welcomes your contributions as a way to give back to the community.
python3
for most levels and C
for Level 2. For the second season, you will need some knowledge of GitHub Actions
for level 1, go
for level 2, python3
for level 3, and javascript
for levels 4 and 5.All levels are configured to run instantly with GitHub Codespaces. If you chose to use codespaces, be aware that this course will count towards your 60 hours of monthly free allowance. For more information about GitHub Codespaces, see the "GitHub Codespaces overview." If you prefer to work locally, please follow the local installation guide in the next section.
README.md
file.Optional: We recommend these free-of-charge additional extensions, but we haven't pre-installed them for you:
github.copilot-labs
to receive AI-generated code explanations.alexcvzz.vscode-sqlite
to visualize the SQL database created in Season-1/Level-4 and the effects of our exploits on its content.If you need assistance, don't hesitate to ask for help in our GitHub Discussions or on our Slack, at the #secure-code-game channel.
Please note: You don't need a local installation if you are using GitHub Codespaces.
The following local installation guide is adapted to Debian/Ubuntu and CentOS/RHEL.
python-ldap
, depending on your Linux distribution. Check by running:uname -a
sudo apt-get update
sudo apt-get install libldap2-dev libsasl2-dev
sudo yum install python-devel openldap-devel
sudo pacman -Sy libldap libsasl
pyOpenSSL
by running:pip3 install pyOpenSSL
Once installation has completed, clone your repository to your local machine and install required dependencies.
Local
tab from the menu.git clone
and paste the copied URL.$ git clone https://github.com/YOUR-USERNAME/YOUR-REPOSITORY
pip3 install -r requirements.txt
python3
and c
installed.yaml
, go
, python3
and node
installed.If you are using VS Code locally, you can install the above programming languages through the editor extensions with these identifiers:
ms-python.python
ms-python.vscode-pylance
ms-vscode.cpptools-extension-pack
redhat.vscode-yaml
golang.go
Please note that for the go
programming language, you need to perform an extra step, which is to visit the official website and download the driver corresponding to your operating system.
Now, it's necessary to install node
to get the npm
packages we have provided. To do so:
homebrew
by running:/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
node
:brew install node
Adapt the command to the package manager you have chosen if it's not homebrew.
npm
packages needed are specified in package.json
and package-lock.json
. Navigate to the secure-code-game
repository and install them by running:npm install --prefix Season-2/Level-4/ Season-2/Level-4/ && npm install --global mocha
README.md
file.We recommend these free-of-charge additional extensions:
github.copilot-labs
to receive AI-generated code explanations.alexcvzz.vscode-sqlite
to visualize the SQL database created and the effects of our exploits on its content.For more information about cloning repositories, see "Cloning a repository."