-
-
Notifications
You must be signed in to change notification settings - Fork 2.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add Guidelines to Contribute with Crackmes (#2303)
* Add Guidelines to Contribute with Crackmes
- Loading branch information
1 parent
1af5f63
commit f4ac653
Showing
1 changed file
with
35 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
# Add a Crackme | ||
|
||
The MAS project is a powerful learning resource and the MAS Crackmes are no exception. They allow the MAS community not only to practice the MAS skills they've learned from the MASTG but also let them confirm their approaches to the used techniques, especially when performing reverse engineering. | ||
|
||
## Who Can Contribute with a Crackme? | ||
|
||
Anyone from individuals to companies. You only have to read and accepts the Terms and Conditions listed below. | ||
|
||
**Before submitting a crackme**, first of all contact the MAS team here: <https://mas.owasp.org/contact/> | ||
|
||
## Terms and Conditions | ||
|
||
If you want to contribute to the MAS crackmes please consider that: | ||
|
||
☑️ The source code of the crackme apps must be made publicly available at <https://github.com/OWASP/mas-crackmes>. | ||
|
||
☑️ The crackme apps must be reviewed and approved by the MAS project leaders. Some form of documentation and solution writeup/video must be provided for the review process. That must include a list of "features" including techniques used (e.g. obfuscation, whitebox crypto, inline assembly, etc.) | ||
|
||
☑️ The crackme apps must not contain any company branding or advertising material (ads, company URL, etc.). | ||
|
||
☑️ The crackme apps must align with the MASVS and MASTG in some way. | ||
|
||
☑️ The crackme authors are fully responsible for the maintenance of the crackme in the case bugfixes or updates are needed and the MAS team is not able to perform those actions. | ||
|
||
## Publishing and Acknowledgements | ||
|
||
When successfully adding a crackme, its authors will be credited in the corresponding crackme page in the project website at <https://mas.owasp.org/crackmes> and an announcement will be made via the official MAS social media channels. | ||
|
||
## OWASP Openness and Licencing Guidelines | ||
|
||
The OWASP projects have a strong foundation in openness and this includes all material related to the projects. | ||
|
||
> OWASP Projects must be open in all facets, including source material, contributors, organizational structure, and finances (if any). Project source code (if applicable) must be made openly available, project communication channels (e.g. mailing lists, forums) should be open and free from censorship, and all project materials must be licensed under a community friendly license as approved by the Free Software Foundation ([Appendix 8.2](https://owasp.org/www-pdf-archive/PROJECT_LEADER-HANDBOOK_2014.pdf)). | ||
Please refer to the OWASP Project Leader Handbook that we as project leaders need to comply with: https://owasp.org/www-pdf-archive/PROJECT_LEADER-HANDBOOK_2014.pdf |