[Owasp-leaders] [Owasp-community] Vulnerable scripts in PHP

johanna curiel curiel johanna.curiel at owasp.org
Fri Jun 2 10:44:33 UTC 2017


This one is very nice, I submitted a report got 4 place in the sport the
bug challenge
Also brief explanations of the vulnerabilities found here
https://www.securify.nl/blog/SFY20170103/spot_the_bug_challenge_2016_write_up.html



On Fri, May 26, 2017 at 11:46 AM, Abhi M Balakrishnan <
abhimbalakrishnan at gmail.com> wrote:

> OWASP Bricks may help you as well.
>
> I'm the project leader and would be more than happy to help you with
> customization or any other related questions.
>
> On Fri, May 26, 2017 at 4:16 AM Rashad Aliyev <microphprashad at gmail.com>
> wrote:
>
>> Than you Vlad,
>>
>> Excellent.
>>
>> On Fri, May 26, 2017 at 11:00 AM, Vlad Styran <vlad.styran at owasp.org>
>> wrote:
>>
>>> Hi Rashad,
>>>
>>> Have you tried Mutillidae or Damn Vulnerable Web App (DVWA) yet? Both
>>> are written in PHP and demonstrate many vulnerability caresses and DVWA has
>>> several ‘Protection Modes’ that show different countermeasures one can
>>> implement.
>>>
>>> https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project
>>> http://www.dvwa.co.uk
>>>
>>>
>>> Best,
>>> Vlad Styran
>>>
>>> OWASP Kyiv Chapter Lead
>>> PGP pub key: 87F07F08
>>> <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x19ED24B087F07F08>
>>>
>>> On May 26, 2017, at 07:51, Rashad Aliyev <microphprashad at gmail.com>
>>> wrote:
>>>
>>> Hello,
>>>
>>> I'm preparing one course materials for tech Filters in PHP.
>>>
>>> Searching scripts writed in PHP for showing vulnerabilities in PHP.
>>> SQL injection, XSS and so.
>>>
>>> Have anyone like this script or projects?
>>>
>>> Thank you,
>>>
>>> --
>>> Rashad Aliyev
>>>
>>> *@alievinfo <https://twitter.com/alievinfo>*
>>> (+994 50) 648 2737 <+994%2050%20648%2027%2037>
>>>
>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>>
>>
>>
>> --
>> Rashad Aliyev
>>
>> *@alievinfo <https://twitter.com/alievinfo>*
>> (+994 50) 648 2737 <+994%2050%20648%2027%2037>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
> --
> ~ Abhi M
> Are you ready to break the Bricks? <http://sechow.com/bricks/>
>
> _______________________________________________
> Owasp-community mailing list
> Owasp-community at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-community
>
>


-- 
Johanna Curiel
OWASP Volunteer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170602/7371d2d6/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: REPORT-STB4BTCCODE.pdf
Type: application/pdf
Size: 1620744 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170602/7371d2d6/attachment-0001.pdf>


More information about the OWASP-Leaders mailing list