Hi Folks! What would you like to see changed in #OWASP #WrongSecrets?
October 26, 2025 at 8:30 PM
Hi Folks! What would you like to see changed in #OWASP #WrongSecrets?
If you can follow these three rules, you should be fairly safe from supply chain attacks through 3rd party software as long as you don’t save or share your secrets in insecure places. If you suspect the latter, get your crew to play OWASP WrongSecrets, they just released a new version of the game!
LinkedIn
This link will take you to a page that’s not on LinkedIn
lnkd.in
September 18, 2025 at 4:29 PM
If you can follow these three rules, you should be fairly safe from supply chain attacks through 3rd party software as long as you don’t save or share your secrets in insecure places. If you suspect the latter, get your crew to play OWASP WrongSecrets, they just released a new version of the game!
We released version 1.12.3 of #OWASP #WrongSecrets at github.com/OWASP/wrongs... ! With a new challenge and tons of additional updates. Want to try it out? go to www.wrongsecrets.com and give our repo a 🌟 if you like it!
Release V1.12.3 Challenge 57 and many updates · OWASP/wrongsecrets
What's Changed
This is one of our biggest updates yet. Only then packed in a small version update. In this version we made it a lot easier for both contributors and reveiwers to build out new chall...
github.com
August 23, 2025 at 6:45 AM
We released version 1.12.3 of #OWASP #WrongSecrets at github.com/OWASP/wrongs... ! With a new challenge and tons of additional updates. Want to try it out? go to www.wrongsecrets.com and give our repo a 🌟 if you like it!
In #OWASP #WrongSecrets we started using AI for generating challenges as an experiment. The results might be staggering ;-). Checkout github.com/OWASP/wrongs... for more details! #AI #LLM #Cursor and please give the repo a 🌟 if you like it or learned from it!
July 9, 2025 at 7:23 AM
In #OWASP #WrongSecrets we started using AI for generating challenges as an experiment. The results might be staggering ;-). Checkout github.com/OWASP/wrongs... for more details! #AI #LLM #Cursor and please give the repo a 🌟 if you like it or learned from it!
I am trying to get some credits on DigitalOcean to experiment with #OWASP #Wrongsecrets there. Who can help me? Get $200 in cloud credits from @DigitalOcean using my link: m.do.co/t/7e2aa81f41f3
DigitalOcean | Cloud Infrastructure for Developers
An ocean of simple, scalable cloud solutions.
m.do.co
June 22, 2025 at 6:04 AM
I am trying to get some credits on DigitalOcean to experiment with #OWASP #Wrongsecrets there. Who can help me? Get $200 in cloud credits from @DigitalOcean using my link: m.do.co/t/7e2aa81f41f3
New! #OWASP #Wrongsecrets big LCM release: github.com/OWASP/wrongs.... Try it out at www.wrongsecrets.com
Release 1.12.0: Spring Boot 3.5 migration · OWASP/wrongsecrets
What's Changed
In preparation of the new java LTS release, we have released a new LCM update! Loads of dependencies got updated, and we finally said goodbye to some nasty dependency based bugs in G...
github.com
June 21, 2025 at 10:02 AM
New! #OWASP #Wrongsecrets big LCM release: github.com/OWASP/wrongs.... Try it out at www.wrongsecrets.com
We released version 1.11.2 of #OWASP #WrongSecrets: it's faster than ever, has now 55 challenges and a lot of fun! Check it out at github.com/OWASP/wrongs... or test it at www.wrongsecrets.com and don't forget to give the repo a 🌟 if you like it!
GitHub - OWASP/wrongsecrets: Vulnerable app with examples showing how to not use secrets
Vulnerable app with examples showing how to not use secrets - OWASP/wrongsecrets
github.com
May 2, 2025 at 10:33 AM
We released version 1.11.2 of #OWASP #WrongSecrets: it's faster than ever, has now 55 challenges and a lot of fun! Check it out at github.com/OWASP/wrongs... or test it at www.wrongsecrets.com and don't forget to give the repo a 🌟 if you like it!
Now that the performance of #owasp #wrongsecrets is restored (200rps on a Heroku free Dyno) feel free to use #zap against it ;-).
April 13, 2025 at 6:47 AM
Now that the performance of #owasp #wrongsecrets is restored (200rps on a Heroku free Dyno) feel free to use #zap against it ;-).
Somehow there is a myth that #OWASP #Wrongsecrets only runs on #Windows… but it runs on #Linux (musl and glibc ), #Windews, #macos with #x86 and #arm support. Go checkout the demo at wrongsecrets.herokuapp.com
OWASP WrongSecrets
wrongsecrets.herokuapp.com
March 28, 2025 at 7:55 AM
Somehow there is a myth that #OWASP #Wrongsecrets only runs on #Windows… but it runs on #Linux (musl and glibc ), #Windews, #macos with #x86 and #arm support. Go checkout the demo at wrongsecrets.herokuapp.com
We released a new version of #OWASP #WrongSecrets with a new challenge, some bugfixes and a lot of updates! Want to know more? Check it out at github.com/OWASP/wrongs... or play directly on www.wrongsecrets.com . Like what you see? Please 🌟 our repo!
Release 1.11.1: challenge 53, Spring boot upgrade and many more · OWASP/wrongsecrets
What's Changed
In this version we upgraded to a much newer version of Spring boot, K8s, did tons of LCM and bugfixes and added a new Challenge!
New Content
Automate docker compose testing for chal...
github.com
March 15, 2025 at 4:31 AM
We released a new version of #OWASP #WrongSecrets with a new challenge, some bugfixes and a lot of updates! Want to know more? Check it out at github.com/OWASP/wrongs... or play directly on www.wrongsecrets.com . Like what you see? Please 🌟 our repo!
We just released a new version of #OWASP #WrongSecrets containing a few small bugfixes, and a new challenge! Want to know more? go to github.com/OWASP/wrongs... or test it at www.wrongsecrets.com ! Like what you see? Please give our repo a 🌟!
Release v1.10.3: Bugfixes and Challenge52 · OWASP/wrongsecrets
What's Changed
In this new version we have bugfixes, and a new challenge!
New content
Challenge52: Add misconfiguration for mounting in secret in during build by @Shubham-Patel07 in #1790
Bugfixe...
github.com
February 24, 2025 at 9:41 PM
We just released a new version of #OWASP #WrongSecrets containing a few small bugfixes, and a new challenge! Want to know more? go to github.com/OWASP/wrongs... or test it at www.wrongsecrets.com ! Like what you see? Please give our repo a 🌟!
We released a new version of #OWASP #WrongSecrets with another round of great optimizations :). Want to know more? Check github.com/OWASP/wrongs... (or www.wrongsecrets.com) like what you see? Please give our repo a 🌟 on Github !
Release 1.10.2: Docker CDS & LCM updates · OWASP/wrongsecrets
What's Changed
Version 1.10.2 is a first CDS based release of our container! This makes the container smaller, faster and use less memory.
New Content
updated contributor list and copyrights by @c...
github.com
January 31, 2025 at 7:22 AM
We released a new version of #OWASP #WrongSecrets with another round of great optimizations :). Want to know more? Check github.com/OWASP/wrongs... (or www.wrongsecrets.com) like what you see? Please give our repo a 🌟 on Github !
January 28, 2025 at 9:41 AM
Wishing you all a great #2025! Hope you can have one with lots of #fun and #hacking! Maybe you want to try #OWASP #WrongSecrets during the holidays? Check www.wrongsecrets.com and don't forget to give the repo a star if you like it :) .
OWASP WrongSecrets
www.wrongsecrets.com
December 30, 2024 at 7:06 AM
Wishing you all a great #2025! Hope you can have one with lots of #fun and #hacking! Maybe you want to try #OWASP #WrongSecrets during the holidays? Check www.wrongsecrets.com and don't forget to give the repo a star if you like it :) .
Welcome to the OWASP WrongSecrets game! The game is packed with real life examples of how to not store secrets!
New release out!
#owasp #appsec #cybersec
New release out!
#owasp #appsec #cybersec
We just released 1.10.0 of #OWASP #WrongSecrets, now running on Java 23, with 51 challenges, and it is now using #renovate. See github.com/OWASP/wrongs... for more details or play at www.wrongsecrets.com. Like what you see? Please give the repo a 🌟.
Release v1.10.0 - Java 23, new challenge, and Renovate · OWASP/wrongsecrets
What's Changed
Version 1.10.0 introduces a move to Java 23, a new challenge, and Renovate for dependency management. Thanks to all involved for making it happen, notably @Shubham-Patel07 and @commj...
github.com
December 12, 2024 at 7:57 AM
We just released 1.10.0 of #OWASP #WrongSecrets, now running on Java 23, with 51 challenges, and it is now using #renovate. See github.com/OWASP/wrongs... for more details or play at www.wrongsecrets.com. Like what you see? Please give the repo a 🌟.
Release v1.10.0 - Java 23, new challenge, and Renovate · OWASP/wrongsecrets
What's Changed
Version 1.10.0 introduces a move to Java 23, a new challenge, and Renovate for dependency management. Thanks to all involved for making it happen, notably @Shubham-Patel07 and @commj...
github.com
December 12, 2024 at 7:54 AM
We just released 1.10.0 of #OWASP #WrongSecrets, now running on Java 23, with 51 challenges, and it is now using #renovate. See github.com/OWASP/wrongs... for more details or play at www.wrongsecrets.com. Like what you see? Please give the repo a 🌟.
#blackfriday deal: play #OWASP #wrongsecrets for free at wrongsecrets.com . All we need is you to star our GitHub repo!
wrongsecrets.com
November 30, 2024 at 12:05 PM
#blackfriday deal: play #OWASP #wrongsecrets for free at wrongsecrets.com . All we need is you to star our GitHub repo!
OWASP Spotlight Series WrongSecrets
YouTube video by Vandana Verma
youtu.be
November 23, 2024 at 8:30 PM
Where shall I post about? About the super nice vibe @ Bsky? Or something about my pet project #OWASP #Wrongsecrets ;-)?
November 16, 2024 at 8:39 PM
Where shall I post about? About the super nice vibe @ Bsky? Or something about my pet project #OWASP #Wrongsecrets ;-)?
#devlopers, do you secure the secrets in your app? WrongSecrets challenges you to hack all the secrets it contains, so you learn how to protect yours! Version 1.8.5 has just released, built on Java 22, and now with easier to read challenges. Get cracking!
owasp.org/www-projec...
owasp.org/www-projec...
April 30, 2024 at 4:51 PM
#devlopers, do you secure the secrets in your app? WrongSecrets challenges you to hack all the secrets it contains, so you learn how to protect yours! Version 1.8.5 has just released, built on Java 22, and now with easier to read challenges. Get cracking!
owasp.org/www-projec...
owasp.org/www-projec...
Meanwhile, if you know #eslint, WrongSecrets also needs to migrate to the new eslint configuration. github.com/OWASP/wro...
Bump @commitlint/config-conventional from 19.1.0 to 19.2.2 by dependabot[bot] · Pull Request #1335 · OWASP/wrongsecrets
Bumps @commitlint/config-conventional from 19.1.0 to 19.2.2.
Release notes
Sourced from @commitlint/config-conventional's releases.
v19.2.2
19.2.2 (2024-04-14)
Bug Fixes
fix(is-ignored): ignore...
github.com
April 22, 2024 at 5:58 PM
Meanwhile, if you know #eslint, WrongSecrets also needs to migrate to the new eslint configuration. github.com/OWASP/wro...
The WrongSecrets project is looking for help from a #Web3 #developer to migrate its Web3 challenges from Goerli to another testnet. github.com/OWASP/wro...
Goerli testnet is being deprecated: help us migrate to another testnet! · Issue #1360 · OWASP/wrongsecrets
Challenge 25, 26, and 27 are based on the Goerli testnet, which is being deprecated. We need to redo these challenges on another testnet.
github.com
April 22, 2024 at 5:58 PM
The WrongSecrets project is looking for help from a #Web3 #developer to migrate its Web3 challenges from Goerli to another testnet. github.com/OWASP/wro...
Welcome to the OWASP WrongSecrets game!
GitHub - OWASP/wrongsecrets: Vulnerable app with examples showing how to not use secrets
Vulnerable app with examples showing how to not use secrets - OWASP/wrongsecrets
github.com
March 30, 2024 at 2:46 PM
Welcome to the OWASP WrongSecrets game!
OWASP WrongSecrets
A hands-on game packed with real-life examples of improper secrets management in software.
Includes 41 challenges to enhance your understanding of leaked secrets and can help you practice with the tools needed to detect them!
github.com/OWASP/wrongs...
A hands-on game packed with real-life examples of improper secrets management in software.
Includes 41 challenges to enhance your understanding of leaked secrets and can help you practice with the tools needed to detect them!
github.com/OWASP/wrongs...
December 7, 2023 at 7:02 PM
OWASP WrongSecrets
A hands-on game packed with real-life examples of improper secrets management in software.
Includes 41 challenges to enhance your understanding of leaked secrets and can help you practice with the tools needed to detect them!
github.com/OWASP/wrongs...
A hands-on game packed with real-life examples of improper secrets management in software.
Includes 41 challenges to enhance your understanding of leaked secrets and can help you practice with the tools needed to detect them!
github.com/OWASP/wrongs...