[Owasp-leaders] Vulnerable XXE VM now part of Vicnum
Steven van der Baan
steven.van.der.baan at owasp.org
Tue Mar 10 16:03:25 UTC 2015
On 10/03/15 15:59, Mordecai Kraushar wrote:
> The OWASP Vicnum
> Project https://www.owasp.org/index.php/Category:OWASP_Vicnum_Project
> has been updated to include a vulnerable XXE VM
> at http://xxe.sourceforge.net/
> This VM was used in recent CTF events including the Breaking Bad
> challenge event at APPSEC in NY in late 2013.
> As will other vulnerable or broken apps the basic goal of the project
> is to:
> * Test web application scanners
> * Test manual attack techniques
> * Test source code analysis tools
> * Look at the code that allows the vulnerabilities
> * Test web application firewalls
> * Have a little fun.
> Thanks much to Nicole Becher for all of this.
> Mordecai Kraushar
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders