ARTICLE

OWASP WebGoat Version 5.0 released

Friday 28 September 2007

WebGoat is a deliberately insecure J2EE web application, maintained by OWASP and designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.

WebGoat is written in Java and therefore installs on any platform with a Java virtual machine. There are installation programs for Linux, OS X Tiger and Windows. Once deployed, the user can go through the lessons and track their progress with the scorecard. There are currently over 30 lessons, including those dealing with the following issues:

- Cross Site Scripting
- Access Control
- Thread Safety
- Hidden Form Field Manipulation
- Parameter Manipulation
- Weak Session Cookies
- Blind SQL Injection
- Numeric SQL Injection
- String SQL Injection
- Web Services
- Fail Open Authentication
- Dangers of HTML Comments
- ... and many more!


POSTSCRIPTUM

Download WebGoat 5.0

