Cyber Review: Owasp TimeGap Theory Handbook

Abhi Balakrishnan, author of Owasp TimeGap Theory Handbook, started as an electronics hobbyist, eventually he stepped into the AppSec world. Over the last ten years, he has performed security consulting assignments in the area of penetration testing, code reviews, web application assessments, security architecture reviews, application threat modeling, secure coding training development, etc.

Being a developer at heart, it always felt natural for him to step into the shoes of one and build things to solve problems.

This amazing handbook will teach you a particular type of race condition vulnerabilities in web applications called ‘TOCTOU.’ By the end of this hand guide, you will have the industry’s best tools and techniques to exploit TOCTOU issues. This handbook is for you if you: Have been thinking of TOCTOU issues as a security issue that happens only with money transfer pages.

Think finding and exploiting TOCTOU issues require sophisticated tools If you are entirely new to the concept of TOCTOU issue or If you are entirely new to the web application security.

The entire hand guide walks you through an open-source project from OWASP called ‘TimeGap Theory.’ Since the TimeGap Theory project is a capture-the-flag hacking game, you can go through this hand guide like a typical CTF walkthrough. On top of that, the entire book is Dinosaur themed, and it is quite easy to follow.

——————————–