[Owasp-leaders] Vulnerable XXE VM now part of Vicnum

Steven van der Baan steven.van.der.baan at owasp.org
Tue Mar 10 16:03:25 UTC 2015


Good work.

On 10/03/15 15:59, Mordecai Kraushar wrote:
>
>
> All;
>
> The OWASP Vicnum
> Project https://www.owasp.org/index.php/Category:OWASP_Vicnum_Project 
> has been updated to include a vulnerable XXE VM
> at http://xxe.sourceforge.net/
>
>
> This VM was used in recent CTF events including the Breaking Bad
> challenge event at APPSEC in NY in late 2013.  
>
> As will other vulnerable or broken apps the basic goal of  the project
>  is to:
>
>   * Test web application scanners
>   * Test manual attack techniques
>   * Test source code analysis tools
>   * Look at the code that allows the vulnerabilities
>   * Test web application firewalls
>   * Have a little fun.
>
> Thanks much to Nicole Becher for all of this.
>
>
> Mordecai Kraushar
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150310/b85465b5/attachment.html>


More information about the OWASP-Leaders mailing list