Deploying OWASPs Secure Coding Dojo

1 minute read


OWASPs Secure Coding Dojo is a platform for learning secure coding concepts and its target audience is developers, unlike other security-related training platforms which are normally for pen-testers or ethical hackers. In this quick tutorial, I’ll show you how to deploy the Secure Coding Dojo using Docker. Let’s begin!


You will need to have Docker and Docker Compose installed.

If you are a Debian-based Linux distro, install and configure docker/docker-compose with the following commands:

sudo apt install docker-compose
sudo groupadd docker
sudo usermod -aG docker $USER
newgrp docker

Verify the installation by running:

docker run hello-world

Installing and Deploying the Secure Coding Dojo

We’ll first need to clone the repo:

git clone
cd SecureCodingDojo

And then we can easily deploy our local install of the Secure Coding Dojo with the following command:

  • the DATA_DIR defines where you want the data generated by the dojo to be saved to - change this to your liking
  • the -d option is to run the background
DATA_DIR=$(pwd)/data docker-compose up -d

After the command above exits, you can verify the deployment is running by running the command:

docker-compose logs --tail=5

You should see something similiar to the following output:


With the Dojo up and running, visit localhost:8081 to view the deployment and then click on the login button on the top right to register an account on the site:


Then, log in with the account created in the previous step and you’ll be presented with the Secure Coding Dojo’s home page from which you can begin your secure coding training:


NOTE: To stop the deployment, run docker-compose down from the SecureCodingDojo directory:


Happy Hacking!


If you enjoyed reading this blog and learned something, keep an eye out for more of my posts and maybe consider following me on GitHub, where I work on cybersecurity projects. And if you are feeling really generous, consider buying me a coffee!


comments powered by Disqus