[Owasp-leaders] OWASP Vulnerable Web Applications Directory Project

Amro amro at owasp.org
Fri Oct 18 15:29:50 UTC 2013

This is great!! Well done Simon and Raul!

I would suggest that we use this project during the development of any 
testing projects (which requires screenshots or demonstrations "PoC") to 
promote it


On 10/18/13 6:55 PM, psiinon wrote:
> Hi leaders,
> I've been working with Raul to make the list of vulnerable web 
> applications he was maintaining on his blog 
> (http://blog.taddong.com/2011/10/hacking-vulnerable-web-applications.html) 
> into an OWASP Project.
> The result is the OWASP Vulnerable Web Applications Directory Project 
> <https://www.owasp.org/index.php?title=OWASP_Vulnerable_Web_Applications_Directory_Project> 
> :)
> To quote from the project description:
> "OWASP Vulnerable Web Applications Directory (VWAD) Project is a 
> comprehensive and well maintained registry of all known vulnerable web 
> applications currently available. These vulnerable web applications 
> can be used by web developers, security auditors and penetration 
> testers to put in practice their knowledge and skills during training 
> sessions (and specially afterwards), as well as to test at any time 
> the multiple hacking tools and offensive techniques available, in 
> preparation for their next real-world engagement.
> VWAD main goal is to provide a list of vulnerable web applications 
> available to security professionals for hacking and offensive 
> activities, so that they can attack realistic web environments... 
> without going to jail :)
> The vulnerable web applications have been classified in three 
> categories: On-Line, Off-Line, and VMs/ISOs. Each list has been 
> ordered alphabetically.
> An initial list that inspired this project was maintained till the end 
> on 2013 at: 
> http://blog.taddong.com/2011/10/hacking-vulnerable-web-applications.html."
> Please let us know if anything is wrong or missing.
> Or even better, just update the page yourself - the project is self 
> contained on the OWASP wiki so anyone can go in and correct things.
> And let us know if you have any suggestions for ways it could be improved.
> Oh, and spread the word - we want it to be the top result when you 
> search for "vulnerable web applications" using your favourite search 
> engine.
> Cheers,
> Simon
> -- 
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20131018/8e50ecf2/attachment.html>

More information about the OWASP-Leaders mailing list