[Owasp-leaders] webapps for security training

Antonio Fontes antonio.fontes at owasp.org
Mon Jun 25 14:38:20 UTC 2012


Jerry,

No, any language is welcome.

The "filter" is rather based on what you'd call the real-world feel
(like the Hacme* apps we had some years ago).

I gave a training on Gruyere a few days ago and it was an interesting
case: some could grasp the technical aspects of the application but most
of the students were a bit stuck in front of it just because didn't
understand what it was actually doing.

Understanding the technical aspect of the attack was easy but making it
obvious for the student what is actually happening on a business
perspective seems a bit harder if you don't have a good app to work on.

(thanks for the reply)
Antonio


On 25.06.2012 16:24, Jerry Hoff wrote:
> Antonio,
> 
> Are you looking for a particular language?  I'm about to do a major push
> for WebGoat.NET - and I've built in both lessons and a sample
> application to give more of a real-world feel.
> 
> Jerry
> 
> On 6/25/12 9:19 AM, Antonio Fontes wrote:
>> Hello leaders,
>>
>> Any pointers to *recent* open source web applications that you
>> successfully integrated (or believe they would integrate) well in a
>> secure coding training? Any technologies are welcomed, and not
>> necessarily "security-oriented" apps like Webgoat.
>>
>> Antonio
>>
>>
>> --
>> OWASP Switzerland, board member
>> OWASP Geneva, chapter leader
>>   skype: antonio.fontes
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list