Hi All, As someone has compiled a list of all intentionally vulnerable web applications, do we have any such list for web services? I need some vulnerable web-services for my learning. Thought if any of you know any such available web-services? -- Thanks, Pankaj Upadhyay

HacmeBank vulnerable web app has a webservice with a number of vulnerabilities. On 1 Feb 2014 17:07, "Pankaj Upadhyay" <mr.p.upadhyay@gmail.com> wrote: > Hi All, > > As someone has compiled a list of all intentionally vulnerable web > applications, do we have any such list for web services? > > I need some vulnerable web-services for my learning. Thought if any of you > know any such available web-services? > > -- > Thanks, > Pankaj Upadhyay > > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org > >

Hi Pankaj, This might help you. http://blog.taddong.com/2011/10/hacking-vulnerable-web-applications.html On Sat, Feb 1, 2014 at 11:31 PM, Dinis Cruz <dinis.cruz@owasp.org> wrote: > HacmeBank vulnerable web app has a webservice with a number of > vulnerabilities. > On 1 Feb 2014 17:07, "Pankaj Upadhyay" <mr.p.upadhyay@gmail.com> wrote: > >> Hi All, >> >> As someone has compiled a list of all intentionally vulnerable web >> applications, do we have any such list for web services? >> >> I need some vulnerable web-services for my learning. Thought if any of >> you know any such available web-services? >> >> -- >> Thanks, >> Pankaj Upadhyay >> >> >> _______________________________________________ >> The Web Security Mailing List >> >> WebSecurity RSS Feed >> http://www.webappsec.org/rss/websecurity.rss >> >> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA >> >> WASC on Twitter >> http://twitter.com/wascupdates >> >> websecurity@lists.webappsec.org >> >> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org >> >> > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org > > -- With Regards, *Shubham Mittal* Security Analyst *iViZ Techno Solutions Private Limited* # 595, "SLA Arcade", 2nd Floor, 15th Cross, 1st Phase, Outer Ring Road, J.P. Nagar Bangalore - 560 078 Mob. +91-9620469076

Damn Vulnerable Web Services has been released by Secure Ideas. http://dvws.professionallyevil.com Jason > On Feb 1, 2014, at 10:07 AM, Pankaj Upadhyay <mr.p.upadhyay@gmail.com> wrote: > > Hi All, > > As someone has compiled a list of all intentionally vulnerable web applications, do we have any such list for web services? > > I need some vulnerable web-services for my learning. Thought if any of you know any such available web-services? > > -- > Thanks, > Pankaj Upadhyay > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org

There is also WackoPicko https://github.com/adamdoupe/WackoPicko Cheers, Alexandros Kapravelos PhD Student in Computer Science University of California, Santa Barbara On Sat, Feb 1, 2014 at 10:39 AM, Jason Wood <jason@jwnetworkconsulting.com>wrote: > Damn Vulnerable Web Services has been released by Secure Ideas. > > http://dvws.professionallyevil.com > > > Jason > > > On Feb 1, 2014, at 10:07 AM, Pankaj Upadhyay <mr.p.upadhyay@gmail.com> > wrote: > > > > Hi All, > > > > As someone has compiled a list of all intentionally vulnerable web > applications, do we have any such list for web services? > > > > I need some vulnerable web-services for my learning. Thought if any of > you know any such available web-services? > > > > -- > > Thanks, > > Pankaj Upadhyay > > > > _______________________________________________ > > The Web Security Mailing List > > > > WebSecurity RSS Feed > > http://www.webappsec.org/rss/websecurity.rss > > > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > > > WASC on Twitter > > http://twitter.com/wascupdates > > > > websecurity@lists.webappsec.org > > > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org >