[Owasp-leaders] Web Application Vulnerability Examples
mordecai.kraushar at owasp.org
Thu Dec 23 12:41:09 EST 2010
I'm working on a minor update to Vicnum,
It certainly will meet the 'simple' requirement
Besides getting it on sourceforge , you should see it on the Broken Web App
On Wed, Dec 22, 2010 at 8:32 AM, psiinon <psiinon at gmail.com> wrote:
> Hi folks,
> As part of the development of the Zed Attack Proxy I need a simple set
> of web pages that exhibit standard vulnerabilities.
> I know about the example vulnerable apps like Webgoat, DVWA, Gruyere,
> Hackme etc.
> However these are aimed at people.
> I want a set of web pages for regression testing ZAP, so I'd like as
> many examples and variants as possible, ideally with just one example
> per page.
> Do any of you know of such examples?
> If not then I'll implement them myself (I've already made a start),
> but if anyone else wants to get involved then I'd welcome the
> assistance :)
> I guess these examples could be useful to other projects.
> In theory such pages could be used to test the effectiveness of
> vulnerability scanners, although my goal is to develop a regression
> test suite for ZAP.
> They could also be used as a training aid. (Not sure what a specific
> vulnerability looks like in practice? Look here...)
> So does anyone think they should be spun of into a new OWASP project,
> either now or potentially later?
> Many thanks,
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders