Global AppSec 2020: Virtual
Attending this event?
Back To Schedule
Thursday, October 22 • 9:00am - 10:00am
Learn to exploit TOCTOU race-condition vulnerabilities with OWASP TimeGap Theory

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

OWASP TimeGap Theory is an auto-scoring capture-the-flag game. Unlike other CTFs, TimeGap theory focuses only on TOCTOU vulnerabilities. There are seven unique challenges and all of them can be solved by using browser dev tools. This means no need for fiddling with proxy setup. Setting up the TimeGap theory lab is also very easy. You can either issue a docker command or just do a one-click install on Heroku to get the lab running.

TimeGap Theory is free and open-source. This means all these amazing stuff are going to cost you exactly ZERO money. On top of that, you get books, videos, and even a support channel on Slack in case you get stuck on the TOCTOU journey.

avatar for Abhi Balakrishnan

Abhi Balakrishnan

Abhi M Balakrishnan is an application security consultant from SecurityCompass, San Francisco. Abhi is here to introduce his new project - OWASP TimeGap Theory. In the past, he has been the project leader for OWASP Mantra, OWASP Bricks, Alert Labs, Bricktown, web-app security testing... Read More →

Thursday October 22, 2020 9:00am - 10:00am
Feedback form isn't open yet.

Attendees (1)