CODEWITHSUNDEEP
security
user431372
user431372

Reputation: 51

Web Applications Security

Hi does anybody know of any other programs similar to Webgoat for the demonstration of web application security flaws?

Upvotes: 0

Views: 988

Answers (6)

zrp
zrp

Reputation: 31

http://www.dvwa.co.uk/ http://www.itsecgames.com/ https://www.owasp.org/index.php/OWASP_Bricks#tab=Main https://sourceforge.net/projects/mutillidae/
Also I Like dawa And murillidae That is Realy Intresting.

Upvotes: 0

punty_001
punty_001

Reputation: 1

Also take a look at Codebashing - They are a SaaS based elearning platform that provide interactive application security wargames.

Upvotes: 0

dr. evil
dr. evil

Reputation: 27265

There is a really good list in here: http://ha.ckers.org/blog/20090406/hacking-without-all-the-jailtime/

Upvotes: 1

free_easy
free_easy

Reputation: 5129

There are plenty of them. Some hosted, some for local installation. Some targeted more to teaching about web security, others for testing. Fortunately some folks already made some lists:

http://slogic.net/training/vulnerable-web-applications-to-learn-web-application-testing-skills

http://securitythoughts.wordpress.com/2010/03/22/vulnerable-web-applications-for-learning

http://www.owasp.org/index.php/Phoenix/Tools#Testing_grounds

I personally would start with Google Gruyere (http://google-gruyere.appspot.com/).

Upvotes: 1

Purge
Purge

Reputation: 647

The big ones I would think of would be Fortify and HP WebInspect.

Fortify will scan the source code and find potential vulnerabilities HP WebInspect will scan/brute force a website in production and find/report actual vulnerabilities.

Both require a fairly expensive license.

Upvotes: 0

Sarfraz
Sarfraz

Reputation: 382706

Take a look at:

Acunetix WVS automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.

Upvotes: -1

Related Questions