Saimaan

Saimaan is a vulnerability training tool written in PHP, with MySQL as its database management system. Its main purpose is to teach common and dangerous web vulnerabilities and help users understand them. The tool can help security experts and related organizations test their skills and train interested newcomers.

The tool tries to implement common vulnerabilities and examines which coding errors cause them. Each lesson first introduces the type of attack and then explains the method an attacker uses to exploit the vulnerability. The definitions in the lessons are taken from the OWASP specialized database.

Each attack has two levels, easy and hard, so that after learning and penetrating the easy level the user can test their abilities on a harder, more secure level. The tool has a management panel for controlling its different parts, which can only be accessed by the relevant professor. Each lesson also includes a solution, so a user who is unable to complete the hack with their own knowledge can learn and carry it out step by step.

The purpose of Saimaan's design
The main missions of APA centers in the field of cyber security include identifying computer threats, discovering and reporting vulnerabilities, and performing security assessments and penetration tests on computer networks and applications. However, a penetration test cannot be performed on just any site, and doing so is legally considered a crime. Training APA staff and other people interested in security therefore requires an environment that can teach penetration testing in a practical way without harming or penetrating a specific organization's website or programs. To this end, the APA of Razi University decided to build a tool that provides a safe and simple environment for teaching web application penetration by implementing a variety of common web application vulnerabilities.