[WEB SECURITY] vulnerable web application needed for testing

psiinon psiinon at gmail.com
Mon Mar 19 13:36:59 EDT 2012


Hi Ram,

Theres a very comprehensive list here:
http://securitythoughts.wordpress.com/2010/03/22/vulnerable-web-applications-for-learning/

If you're looking for a simple shopping cart type app then have a look
at the Bodge It Store: http://code.google.com/p/bodgeit/
Its very easy to deploy (drop the war file in a servlet engine) and
uses an in memory db, so no complex setup.
Its too easy for professional pentesters, but a nice simple intro for
everyone else.
But I'm biased as I wrote it ;)

Cheers,

Psiinon

--
OWASP ZAP: Toolsmith Tool of the Year 2011

On Mon, Mar 19, 2012 at 5:21 PM, Ramesh Mv <mvram03 at gmail.com> wrote:
>
> Dear All,
>
>
>
> I want to perform vulnerable assessment test in my lab but i do not have any proper web application to test the scenarios. I want to learn / test owasp top 10 vulnerabilities. I’m looking for an dummy bank/shopping cart (not web goat) application for CSRF,XSS tastings.
>
>
>
> Can anyone please provide any free web application where i can download and deploy in my web server?
>
>
> Thanks in advance,
>
> Rgds,
> Ram
>
>
>
>
> _______________________________________________
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>



More information about the websecurity mailing list