[Owasp-topten] Mutillidae: A Deliberately Vulnerable Set Of PHP Scripts That Implement The OWASP Top 10

Adrian Crenshaw irongeek at irongeek.com
Mon Mar 2 12:15:39 EST 2009


What I'm attempting to do with Mutillidae is implement the OWASP Top
10<http://www.owasp.org/index.php/OWASP_Top_Ten_Project>in PHP, and do
it in such a way that it is easy to demonstrate common
attacks to others.

http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10

It's something I've been working on and would love to get suggestions on
from other OWASP members. I dig WebGoat, but sometimes it's a little hard to
figure out exactly what they want you to do to exploit a given web
application. Also, WebGoat may be a little too complex to use when
introducing a web programming newbie to web application security (it's easy
to get lost in the code, especially J2EE). In an attempt to have something
to use as a demo in my videos and in class, I started the Mutillidae
project.

Thanks,
Adrian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-topten/attachments/20090302/37c50d1a/attachment.html 


More information about the Owasp-topten mailing list