OWASPs Secure Coding Dojo is a platform for learning secure coding concepts and its target audience is developers, unlike other security-related training platforms which are normally for pen-testers or ethical hackers. In this quick tutorial, I’ll show you how to deploy the Secure Coding Dojo using Docker. Let’s begin!
You will need to have Docker and Docker Compose installed.
If you are a Debian-based Linux distro, install and configure docker/docker-compose with the following commands:
sudo apt install docker.io docker-compose sudo groupadd docker sudo usermod -aG docker $USER newgrp docker
Verify the installation by running:
docker run hello-world
Installing and Deploying the Secure Coding Dojo
We’ll first need to clone the repo:
git clone https://github.com/OWASP/SecureCodingDojo.git cd SecureCodingDojo
And then we can easily deploy our local install of the Secure Coding Dojo with the following command:
DATA_DIRdefines where you want the data generated by the dojo to be saved to - change this to your liking
-doption is to run the background
DATA_DIR=$(pwd)/data docker-compose up -d
After the command above exits, you can verify the deployment is running by running the command:
docker-compose logs --tail=5
You should see something similiar to the following output:
With the Dojo up and running, visit localhost:8081 to view the deployment and then click on the login button on the top right to register an account on the site:
Then, log in with the account created in the previous step and you’ll be presented with the Secure Coding Dojo’s home page from which you can begin your secure coding training:
NOTE: To stop the deployment, run
docker-compose down from the SecureCodingDojo directory:
If you enjoyed reading this blog and learned something, keep an eye out for more of my posts and maybe consider following me on GitHub, where I work on cybersecurity projects. And if you are feeling really generous, consider buying me a coffee!