[Owasp-leaders] Vulnerable XXE VM now part of Vicnum
mordecai.kraushar at owasp.org
Tue Mar 10 15:59:46 UTC 2015
The OWASP Vicnum Project
https://www.owasp.org/index.php/Category:OWASP_Vicnum_Project has been
updated to include a vulnerable XXE VM at http://xxe.sourceforge.net/
This VM was used in recent CTF events including the Breaking Bad challenge
event at APPSEC in NY in late 2013.
As will other vulnerable or broken apps the basic goal of the project is
- Test web application scanners
- Test manual attack techniques
- Test source code analysis tools
- Look at the code that allows the vulnerabilities
- Test web application firewalls
- Have a little fun.
Thanks much to Nicole Becher for all of this.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders