[Owasp-leaders] OWASP Projects - Short update - OWASP Vicnum Project has a new release!

Mordecai Kraushar mordecai at ciphertechs.com
Thu Oct 22 11:03:02 EDT 2009


Hi

Yes, similarities do exist and it is more game focused than training focused.

It's much smaller than webgoat and written in php and perl.  I have a few suggestions in there to modify the game to make it harder or easier to play depending on the sophistication of the audience, for example do you show some revealing fields in plain text or do you base64 encode them?  Either way is disclosure but one is more stealthy.

So the app is supposed to be flexible and modifiable to challenge the web assessment vendors, web auditors or just game players.


See it at http://vicnum.ciphertechs.com

Mordecai



-----Original Message-----
From: owasp-leaders-bounces at lists.owasp.org [mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Matt Tesauro
Sent: Thursday, October 22, 2009 10:53 AM
To: owasp-leaders at lists.owasp.org
Subject: Re: [Owasp-leaders] OWASP Projects - Short update - OWASP Vicnum Project has a new release!

While they are both very similar, Vicnum is more geared at setting up a
capture the flag and other web app sec 'games' as opposed to be focused
on teaching app sec.  Learning happens either way, just a different
approach to get that done.

-  
-- Matt Tesauro
OWASP Live CD Project Lead
http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
http://AppSecLive.org - Community and Download site


On Thu, 2009-10-22 at 15:45 +0100, Eoin wrote:
> Whats the difference between this and webgoat?
> 
> 
>  
> 2009/10/22 Paulo Coimbra <paulo.coimbra at owasp.org>
>         Leaders,
>         
>          
>         
>         I’ve just updated OWASP Vicnum project’s details page with its
>         latest release – version 1.3. Please glance at it
>         http://www.owasp.org/index.php/Category:OWASP_Vicnum_Project
>         and having feedback send it over!
>         
>          
>         
>         Many thanks, 
>         
>          
>         
>         Paulo Coimbra,
>         
>         OWASP Project Manager
>         
>          
>         
>         
>         
>         _______________________________________________
>         OWASP-Leaders mailing list
>         OWASP-Leaders at lists.owasp.org
>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
>         
> 
> 
> 
> 
> -- 
> Eoin Keary
> 
> OWASP Code Review Guide Lead Author
> OWASP Ireland Chapter Lead
> OWASP Global Committee Member (Industry)
> 
> http://asg.ie/
> https://twitter.com/EoinKeary
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list