[Owasp-leaders] OWASP Top Ten Vulnerabilities

Bill Sempf bill at pointweb.net
Tue Aug 4 19:46:59 UTC 2015


There is an instance of Security Shepherd up here:

https://owasp.securityshepherd.eu/login.jsp

I often use it for demos. Just need ZAP then.

Saves you the trouble of setting up Apache.

S

On Tue, Aug 4, 2015 at 3:37 PM, Subramaniam Sankaran <
subramaniam.sankaran at gmail.com> wrote:

> Thanks all for your help.
> I have downloaded WebGoat from the OWASP page. But I do not see any .bat
> file for invoking the application and Tomcat. I am on Windows 8.1 and an AMD
> processor.
>
> I do see a .war file, but not sure what to do with it. Any help?
>
>
> On 4 August 2015 at 15:40, Timo Goosen <timo.goosen at owasp.org> wrote:
>
>> Sure here you go:
>>
>> *Intro To XSS Web App Hacking Workshop - Timo Goosen
>> <https://docs.google.com/presentation/d/1wXYPDj20IYyh1RZWYiBk_F04yyvTHZ1tdg6Dv-jqd2g/pub?start=false&loop=false&delayms=3000>*
>>
>> *Intro to OWASP ZAP Using Damn Vulnerable Web App - Timo Goosen
>> <https://docs.google.com/presentation/d/1PZqxqCi7hKVcyL-P797Ng9TI4JpUo9GGxdH0FdQn5iM/pub?start=false&loop=false&delayms=3000&slide=id.p3>*
>>
>> *Intro To Enumeration for Pentester - Timo Goosen
>> <https://www.owasp.org/images/6/6e/Intro_To_Enumeration_FINAL_MAIL_OUT.odp>*
>>
>> *OWASP Appsensor v2 Guide - Contributor and Reviewer
>> <https://www.owasp.org/images/0/02/Owasp-appsensor-guide-v2.pdf>*
>>
>>
>> Regards.
>>
>> Timo
>>
>> On Tue, Aug 4, 2015 at 11:16 AM, Subramaniam Sankaran <
>> subramaniam.sankaran at gmail.com> wrote:
>>
>>> Hi Timo,
>>>
>>> Thanks again. The slides will really be helpful. Can you please mail me
>>> across?
>>>
>>> On 4 August 2015 at 14:05, Timo Goosen <timo.goosen at owasp.org> wrote:
>>>
>>>> Google for damn vulnerable web app sqlmap tutorial and learn to use
>>>> sqlmap.
>>>>
>>>> Let me know if you need help; I've got some of my old slides I can mail
>>>> you.
>>>>
>>>> Regards.
>>>>
>>>>
>>>> On Tue, Aug 4, 2015 at 9:27 AM, Subramaniam Sankaran <
>>>> subramaniam.sankaran at gmail.com> wrote:
>>>>
>>>>> Thanks, Timo!
>>>>> I will use them. Thanks for your help.
>>>>>
>>>>> On 4 August 2015 at 12:49, Timo Goosen <timo.goosen at owasp.org> wrote:
>>>>>
>>>>>> Damn Vulnerable Web App is good too. You can google for tutorials on
>>>>>> using it with sqlmap for SQL injection.
>>>>>>
>>>>>> For XSS I suggest that you show them BeEF (Browser Exploitation
>>>>>> Framework).
>>>>>>
>>>>>> Regards.
>>>>>> Timo
>>>>>>
>>>>>> On Tue, Aug 4, 2015 at 8:24 AM, Subramaniam Sankaran <
>>>>>> subramaniam.sankaran at gmail.com> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Not sure if I am reinventing the wheel.
>>>>>>> But can someone let me know what tools (software and hardware) I
>>>>>>> require if I need to demonstrate the OWASP Top 10 Vulnerabilities?
>>>>>>>
>>>>>>> Regards,
>>>>>>> Subbu
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> OWASP-Leaders mailing list
>>>>>>> OWASP-Leaders at lists.owasp.org
>>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders