We’re excited to announce that we’ve added ten new missions to the Adversary security training platform for development teams. Along with these new missions, we’re also introducing the idea of storylines, so you can expect more missions within these storylines to be released on a regular basis.
We know how important it is to understand how vulnerabilities present themselves in your own industry as well as others. For that reason, we’ve based these new storylines on different industries starting with gaming, finance, and insurance.
On top of this, we’ve added a “hacking history” module, which currently contains 3 labs focused on historical hacks.
This means you can now explore and try to complete 13 new labs in Adversary.
Our gaming storyline is based on a company in the business of sports betting. Because they work in betting, they also decided to make a bet on security in order to reduce costs. This storyline currently contains 2 labs with more to come very soon. You'll start the storyline by breaking into the website by bypassing login and then attempt to access the profile of another user.
The next new storyline is based on a bank. Appversary bank is drastically shifting its business model and along with that its digital strategy. They’ve decided that the future of their online banking is in apps. In this storyline your task is to break into their new app. We currently have 3 C# missions in this storyline for you to try out.
Your first task in this storyline is to retrieve a bank statement. You then advance to reviewing the fix that Appversary bank put out and learn how to not validate users and finally you can retrieve statements from specific users.
Our insurance storyline allows you to attempt to hack the Adversarial Insurance website. This storyline currently contains 4 Python labs. All labs are built on various ways someone could hack into an insurance website.
In this storyline you go through a series of vulnerabilities. Initially, you are bypassing authentication, true mission-impossible style. You exploit SQL Injection, all in your quest to file a claim with the insurance company. Adversarial Insurance will throw all kinds of challenges at you along the way, and you have to prove that you’ve got what it takes, to finally be able to file a claim with the company.
In addition to the new storyline, we’ve also added a hacking history module, which already has 3 labs showcasing how famous hacks happened. Included so far are the Facebook hack from the of autumn 2018, the Whatsapp hack from earlier this year, as well as the infamous Panama Papers hack from 2016.
All of these missions are also open to the public, because we believe it’s important to shed light on how easy these hacks can sometimes be as well as the damage they can create. But now you can also access them directly from your Adversary account without having to search for them within our blog. And as soon as new ones are added, you’ll see them show up under the "Hacking History" module in the platform.
Now that we’ve implemented storylines, we’re eager to put out more content. In the coming weeks we will be releasing more labs in these storylines so you can complete the stories.