[Owasp-leaders] Is there a PHP equivalent to Webgoat?

Vlatko Kosturjak kost at linux.hr
Fri Sep 4 18:43:42 EDT 2009

Actually, IronGeek has interesting list of vulnerable web applications
(nice to check);

Hope it helps,

Adrian Crenshaw wrote:
> This may be what you want:
> http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
> On Fri, Sep 4, 2009 at 4:30 PM, Michael Menefee <mmenefee at gmail.com
> <mailto:mmenefee at gmail.com>> wrote:
> Although not exactly the same, there are many deliberately insecure
> testing sites out there, like the hacme series from Foundstone:
> http://www.foundstone.com/us/resources-free-tools.asp
> Andrew Hay wrote:
>> I¹ve had several people ask me if such a beast exists.
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>

More information about the OWASP-Leaders mailing list