[OWASP-Bangalore] OWASP Project: WebGoat | Simulation for web attacks

Vikas Jain v_jn at yahoo.co.in
Wed Feb 4 07:15:01 EST 2009

Hi Everyone,

Yesterday, I was just browsing through OWASP website, when I found this tool named as WebGoat. Today only, I installed it and started working on it and found it very informative. This application is basically for novice like me, who wants to have hands on experience of attacks.


WebGoat is a deliberately insecure J2EE web
application maintained by OWASP designed to teach web
application security lessons. In each lesson, users must demonstrate their
understanding of a security issue by exploiting a real vulnerability in the
WebGoat application. For example, in one of the lessons the user must use SQL
injection to steal fake credit card numbers. The application is a realistic
teaching environment, providing users with hints and code to further explain
the lesson.


      Add more friends to your messenger and enjoy! Go to http://messenger.yahoo.com/invite/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090204/ac24783a/attachment.html 

More information about the OWASP-Bangalore mailing list