Help wanted!

Hello everybody!

Recently, we were granted a generous amount of money by
our friends at Contrast. This grant helps us develop more labs so we can expand our
training curriculum on SKF.


Rules of engagement

Here we describe what to expect when entering this exciting endeavor with us!

  • What is the work that needs to be done?
  • How much compensation can you expect for said work?
  • When is the work considered done?
  • Etiquette for participation
  • Getting started (workflow, templates, etc.)
  • How to finally retrieve the compensation?

Getting started

Getting started is simple:

  • Assign yourself an issue from the project board
  • Create a Fork of the SKF-labs
  • Create a feature branch formatted as mentioned in definition of done
  • Use our standard CSS/templating found here
  • Use our standard write-up templating found here
  • Tick off all the boxes from the issue
  • Create a PR for the SKF-labs main branch
  • If the PR is merged, invoice OWASP
  • If the PR is merged, assign the new ticket

It is very important for a lab to stick to our standard templating
and styling. Please take this into account very seriously.

The markdown of the labs that you are writing must be stored here

And any screenshots that you are taking for the lab must be stored here


Definition of done

As you can see in the issue, there is a checklist of things that each contribution
needs to contain before being eligible for compensation.

[Image: an open issue with checklist]

After ticking off all the boxes, you can start creating a PR (pull request) for our main branch.
When creating a PR, please make your branch name adhere to the following convention:

Like:

<language>-<issue number>-<issue title>

Or finally:

python-1337-command_injection_WSTG_coverage


Participation Etiquette

If you want to start on a lab, you can assign this lab to yourself.
This is an indication for other contributors that this lab is already
actively worked on and prevents duplicates.

Now, we expect you to only assign 1 lab at a time so there is equal opportunity
for other people to participate.

After you have created your PR and the PR is approved and merged by the SKF
team, you can claim another lab to work on :-)


Compensation

Now, linked here you can find a new project board.
In this project board, you will find a subset of labs that need to be developed!
Each issue on the board has a label that indicates how difficult it is to
develop the lab. Per difficulty level, we award a different amount
of money when it is delivered.

| Label    | Amount |
|----------|--------|
| Easy     | X      |
| Medium   | X      |
| Advanced | X      |

Invoicing to OWASP to get compensated