Secure Coding mailing list archives

Web Application Exploits and Defenses

From: ken at krvw.com (Kenneth Van Wyk)
Date: Wed, 5 May 2010 09:44:55 -0400

The folks at Google have released some web app training, along with a vulnerable web app sandbox to play in.  The tool 
is called Jarlsberg.  Anyone here take a look at it yet, and have an opinion about it?

The description (see below) sounds kinda sorta like OWASP's WebGoat, except that the vulnerable app itself is written 
in Python.  Oh, and the app is available on the web, as well as in source code (under Creative Commons).

http://jarlsberg.appspot.com/ 

There's also an instructor's guide available at:

http://code.google.com/edu/submissions/jarlsberg/Jarlsberg_Instructor_Guide.pdf


Cheers,

Ken

-----
Kenneth R. van Wyk
KRvW Associates, LLC
http://www.KRvW.com

Follow us on Twitter at: http://twitter.com/KRvW_Associates





-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3337 bytes
Desc: not available
URL: <http://krvw.com/pipermail/sc-l/attachments/20100505/cc2dfed1/attachment.bin>

Current thread:

Web Application Exploits and Defenses Kenneth Van Wyk (May 05)
- Web Application Exploits and Defenses Rob Floodeen (May 05)