NinjaDVA is not just another damn vulnerable application
For our training courses with practical exercises we use a comfortable mobile training environment. Participants can directly apply their acquired knowledge and experiment with in-depth exercises. Any questions that may emerge are discussed with the experienced training leader on site.
We place particular emphasis on participants using their own laptops with their individual working environment. You don’t need to adapt to our environment, we will adapt to you.
Our training environment consists of several parts and can be individually extended or reduced according to the customer’s requirements. The start consists of a dashboard in which the planned course of the seminar can be viewed and the content of the presentation can be tracked. Additionally it offers the possibility to communicate with the trainer or other seminar participants.
The live hacking module
Indiviaul modules of the dashboard are used during the lecture to demonstrate live various vulnerabilities using web applicaitons. The combination of presentation and training environment also allows participants to experiment effectively and deepen their knowledge with minimal effort in a highly homogenous training environment.
The participant is given the opportunity to put himself in the position of an attacker and thus is able to better understand his way way of thinking. In an online editor accessible via the browser, participants can, for example, easily create their own websites to try out various web attacks themselves.
The technical requirements for the clients are minimal. Each participant is able to use his or her usual working environment.
The secure coding module
We use the secure coding module for training courses that are aimed at developers. After vulnerabilities as well as general and technology-specific countermeasures have been partly discussed in the seminar slides accompanying the presentation, the seminar instructor provides the appropriate code for the current topic (project, modules, classes, etc.) in a buildable and executable form in the training environment. The participants can now check out the code in their preferred working environment (Eclipse, IntelliJ, etc.) and then execute it themselves and experiment with it.
In addition to many libraries that are presented in the context of concrete code-specific countermeasures, there is the possibility that the participants solve given coding tasks themselves in interactive exercises. After committing to the provided training server, the completion of these exercises is automatically checked and the participant immediately receives corresponding feedback. The trainer can see at any time which participant may need help and thus react quickly and efficiently to individual problems.