[Owasp-egypt] What is WebGoat

Omar Sherin Omar.Sherin at infosec2.com
Sun Sep 6 05:59:49 EDT 2009


As you know one of OWASP's most popular projects is WebGoat which is a  
deliberately insecure J2EE web application maintained by OWASP  
designed to teach web application security lessons. In each lesson,  
users must demonstrate their understanding of a security issue by  
exploiting a real vulnerability in the WebGoat application. For  
example, in one of the lessons the user must use SQL injection to  
steal fake credit card numbers. The application is a realistic  
teaching environment, providing users with hints and code to further  
explain the lesson.

Its really cool and I use it frequently for presentations/demo  
purposes and its pre-installed on the OWASP's Live CD. get your copy  
free from  (http://mtesauro.com/livecd/index.php?title=Main_Page#Downloads 

If you are a PHP fan you can have similar features here (http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 

Happy Eid


Omar Sherin

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-egypt/attachments/20090906/ddf99504/attachment.html 

More information about the Owasp-egypt mailing list