[Owasp-leaders] Web Application Vulnerability Examples
psiinon at gmail.com
Wed Dec 22 08:32:57 EST 2010
As part of the development of the Zed Attack Proxy I need a simple set
of web pages that exhibit standard vulnerabilities.
I know about the example vulnerable apps like Webgoat, DVWA, Gruyere,
However these are aimed at people.
I want a set of web pages for regression testing ZAP, so I'd like as
many examples and variants as possible, ideally with just one example
Do any of you know of such examples?
If not then I'll implement them myself (I've already made a start),
but if anyone else wants to get involved then I'd welcome the
I guess these examples could be useful to other projects.
In theory such pages could be used to test the effectiveness of
vulnerability scanners, although my goal is to develop a regression
test suite for ZAP.
They could also be used as a training aid. (Not sure what a specific
vulnerability looks like in practice? Look here...)
So does anyone think they should be spun of into a new OWASP project,
either now or potentially later?
More information about the OWASP-Leaders