[WEB SECURITY] Any Vulnerable Web-Services available online fortesting?

Pankaj Upadhyay mr.p.upadhyay at gmail.com
Mon Feb 3 11:04:31 EST 2014


Thanks guys.. I know that the list of vulnerable Web Applications is very
exhaustive though my point of interest was 'Web Services'. I also
understand that most of vulnerable webapps are already providing some
vulnerable webservices. I haven't tried them so far so its time to see
through them. Thanks again!


On Mon, Feb 3, 2014 at 8:53 PM, <ruiper at wavefrontcg.com> wrote:

> Ummm
>
> http://testphp.acunetix.com is down, not accessible or no longer exists?
> http://testasp.acunetix.com has moved to http://testasp.vulnweb.com
> http://testaspnet.acunetix.com has moved to testaspnet.vulnweb.com
>
> And these do not provide web services
>
> - Rui
>
> On 2014-02-03 09:11, Albert Sans wrote:
>
>> Acunetix (live):
>>
>> http://testphp.acunetix.com [17]
>> http://testasp.acunetix.com [18]
>> http://testaspnet.acunetix.com [19]
>>
>>
>> Regards,
>> Albert
>>
>> 2014-02-03 psiinon <psiinon at gmail.com>:
>>
>>  Theres a pretty complete list of vulnerable web apps here:
>>>
>>>  https://www.owasp.org/index.php/OWASP_Vulnerable_Web_
>> Applications_Directory_Project
>>
>>> [1]
>>>
>>>
>>> We dont currently flag those that provide web services, but we
>>> could
>>> easily add such info in the Notes fields.
>>>
>>> Note that this project is on GitHub, so you can just send us pull
>>> requests: https://github.com/OWASP/OWASP-VWAD [2]
>>>
>>>
>>> Simon
>>>
>>> On Mon, Feb 3, 2014 at 11:01 AM, Ivan Buetler
>>> <ivan.buetler at csnc.ch> wrote:
>>>
>>>> Or use free online challenge environment (VPN required)
>>>>
>>>> https://www.owasp.org/index.php/OWASP_Hacking_Lab [3]
>>>>
>>>> Ivan
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> From: websecurity
>>>>
>>> [mailto:websecurity-bounces at lists.webappsec.org] On Behalf
>>>
>>>> Of vijayVK velu
>>>> Sent: Montag, 3. Februar 2014 11:55
>>>> To: Pankaj Upadhyay
>>>> Cc: websecurity at lists.webappsec.org; Jason Wood
>>>> Subject: Re: [WEB SECURITY] Any Vulnerable Web-Services available
>>>>
>>> online
>>>
>>>> fortesting?
>>>>
>>>>
>>>>
>>>> demo.testfire.net [4]
>>>>
>>>> testphp.vulnweb.com [5]
>>>>
>>>> testasp.vulnweb.com [6]
>>>>
>>>> zero.webappsecurity.com [7]
>>>>
>>>> crackme.cenzic.com [8]
>>>>
>>>> webscantest.com [9]
>>>>
>>>>
>>>>
>>>>
>>>> Else spin a XAMMP or LAMP and put DVWA, webgoat or  jarlsbery on
>>>>
>>> it.
>>>
>>>>
>>>>
>>>>
>>>> Cheers
>>>>
>>>> Vj
>>>>
>>>>
>>>>
>>>> On 2 February 2014 23:30, Pankaj Upadhyay
>>>>
>>> <mr.p.upadhyay at gmail.com> wrote:
>>>
>>>>
>>>> Thanks all! I'm going through all of them.. Appreciate the help!
>>>>
>>>>
>>>>
>>>> On Sun, Feb 2, 2014 at 12:09 AM, Jason Wood
>>>>
>>> <jason at jwnetworkconsulting.com>
>>>
>>>> wrote:
>>>>
>>>> Damn Vulnerable Web Services has been released by Secure Ideas.
>>>>
>>>> http://dvws.professionallyevil.com [10]
>>>>
>>>>
>>>>
>>>> Jason
>>>>
>>>>
>>>>  On Feb 1, 2014, at 10:07 AM, Pankaj Upadhyay
>>>>>
>>>> <mr.p.upadhyay at gmail.com>
>>>
>>>> wrote:
>>>>>
>>>>> Hi All,
>>>>>
>>>>> As someone has compiled a list of all intentionally vulnerable
>>>>>
>>>> web
>>>
>>>> applications, do we have any such list for web services?
>>>>>
>>>>> I need some vulnerable web-services for my learning. Thought if
>>>>>
>>>> any of you
>>>
>>>> know any such available web-services?
>>>>>
>>>>> --
>>>>> Thanks,
>>>>> Pankaj Upadhyay
>>>>>
>>>>>
>>>>  _______________________________________________
>>>>> The Web Security Mailing List
>>>>>
>>>>> WebSecurity RSS Feed
>>>>> http://www.webappsec.org/rss/websecurity.rss [11]
>>>>>
>>>>> Join WASC on LinkedIn
>>>>>
>>>> http://www.linkedin.com/e/gis/83336/4B20E4374DBA [12]
>>>
>>>>
>>>>> WASC on Twitter
>>>>> http://twitter.com/wascupdates [13]
>>>>>
>>>>> websecurity at lists.webappsec.org
>>>>>
>>>>>
>>>>>
>>>  http://lists.webappsec.org/mailman/listinfo/websecurity_
>> lists.webappsec.org
>>
>>> [14]
>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Thanks,
>>>> Pankaj Upadhyay
>>>>
>>>>
>>>> _______________________________________________
>>>> The Web Security Mailing List
>>>>
>>>> WebSecurity RSS Feed
>>>> http://www.webappsec.org/rss/websecurity.rss [11]
>>>>
>>>> Join WASC on LinkedIn
>>>>
>>> http://www.linkedin.com/e/gis/83336/4B20E4374DBA [12]
>>>
>>>>
>>>> WASC on Twitter
>>>> http://twitter.com/wascupdates [13]
>>>>
>>>> websecurity at lists.webappsec.org
>>>>
>>>>
>>>  http://lists.webappsec.org/mailman/listinfo/websecurity_
>> lists.webappsec.org
>>
>>> [14]
>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Regards
>>>> Vijay L|PT,E|CSA,C|EH,C|HFI
>>>> http://vijayvkvelu.blogspot.com [15]
>>>> http://in.linkedin.com/in/vijayvelu [16]
>>>>
>>>> mailto:vijayvkvelu at gmail.com
>>>> " Mess with the Best , Die like the Rest"
>>>>
>>>>
>>>> _______________________________________________
>>>> The Web Security Mailing List
>>>>
>>>> WebSecurity RSS Feed
>>>> http://www.webappsec.org/rss/websecurity.rss [11]
>>>>
>>>> Join WASC on LinkedIn
>>>>
>>> http://www.linkedin.com/e/gis/83336/4B20E4374DBA [12]
>>>
>>>>
>>>> WASC on Twitter
>>>> http://twitter.com/wascupdates [13]
>>>>
>>>> websecurity at lists.webappsec.org
>>>>
>>>>
>>>  http://lists.webappsec.org/mailman/listinfo/websecurity_
>> lists.webappsec.org
>>
>>> [14]
>>>
>>>
>>>>
>>> --
>>> OWASP ZAP Project leader
>>>
>>> _______________________________________________
>>> The Web Security Mailing List
>>>
>>> WebSecurity RSS Feed
>>> http://www.webappsec.org/rss/websecurity.rss [11]
>>>
>>> Join WASC on LinkedIn
>>> http://www.linkedin.com/e/gis/83336/4B20E4374DBA [12]
>>>
>>> WASC on Twitter
>>> http://twitter.com/wascupdates [13]
>>>
>>> websecurity at lists.webappsec.org
>>>
>>>  http://lists.webappsec.org/mailman/listinfo/websecurity_
>> lists.webappsec.org
>>
>>> [14]
>>>
>>
>>
>>
>> Links:
>> ------
>> [1]
>> https://www.owasp.org/index.php/OWASP_Vulnerable_Web_
>> Applications_Directory_Project
>> [2] https://github.com/OWASP/OWASP-VWAD
>> [3] https://www.owasp.org/index.php/OWASP_Hacking_Lab
>> [4] http://demo.testfire.net
>> [5] http://testphp.vulnweb.com
>> [6] http://testasp.vulnweb.com
>> [7] http://zero.webappsecurity.com
>> [8] http://crackme.cenzic.com
>> [9] http://webscantest.com
>> [10] http://dvws.professionallyevil.com
>> [11] http://www.webappsec.org/rss/websecurity.rss
>> [12] http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>> [13] http://twitter.com/wascupdates
>> [14] http://lists.webappsec.org/mailman/listinfo/websecurity_
>> lists.webappsec.org
>> [15] http://vijayvkvelu.blogspot.com
>> [16] http://in.linkedin.com/in/vijayvelu
>> [17] http://testphp.acunetix.com
>> [18] http://testasp.acunetix.com
>> [19] http://testaspnet.acunetix.com
>>
>>
>> _______________________________________________
>> The Web Security Mailing List
>>
>> WebSecurity RSS Feed
>> http://www.webappsec.org/rss/websecurity.rss
>>
>> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>>
>> WASC on Twitter
>> http://twitter.com/wascupdates
>>
>> websecurity at lists.webappsec.org
>> http://lists.webappsec.org/mailman/listinfo/websecurity_
>> lists.webappsec.org
>>
>
> _______________________________________________
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_
> lists.webappsec.org
>



-- 
Thanks,
Pankaj Upadhyay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20140203/86c2797d/attachment.html>


More information about the websecurity mailing list