[Owasp-leaders] Vulnerable XXE VM now part of Vicnum

John Patrick Lita john.patrick.lita at owasp.org
Tue Mar 10 16:54:26 UTC 2015


great work! another tool use to educate people!

On Wed, Mar 11, 2015 at 12:03 AM, Steven van der Baan <
steven.van.der.baan at owasp.org> wrote:

>  Good work.
>
>
> On 10/03/15 15:59, Mordecai Kraushar wrote:
>
>
>
>  All;
>
>  The OWASP Vicnum Project
> https://www.owasp.org/index.php/Category:OWASP_Vicnum_Project  has been
> updated to include a vulnerable XXE VM at http://xxe.sourceforge.net/
>
>
>  This VM was used in recent CTF events including the Breaking Bad
> challenge event at APPSEC in NY in late 2013.
>
>  As will other vulnerable or broken apps the basic goal of  the project
>  is to:
>
>
>    - Test web application scanners
>     - Test manual attack techniques
>     - Test source code analysis tools
>     - Look at the code that allows the vulnerabilities
>     - Test web application firewalls
>    - Have a little fun.
>
> Thanks much to Nicole Becher for all of this.
>
>
>  Mordecai Kraushar
>
>
>
>
> _______________________________________________
> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Best Regrads
John Patrick Lita
*Chapter Leader OWASP Manila*
FB Page @OwaspManila <https://www.facebook.com/OwaspManila>
https://www.owasp.org/index.php/Manila
https://lists.owasp.org/mailman/listinfo/owasp-manila
<https://lists.owasp.org/mailman/listinfo/owasp-manila>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150311/46ba178f/attachment.html>


More information about the OWASP-Leaders mailing list