Secure Coding mailing list archives
Web Application Exploits and Defenses
From: ken at krvw.com (Kenneth Van Wyk)
Date: Wed, 5 May 2010 09:44:55 -0400
The folks at Google have released some web app training, along with a vulnerable web app sandbox to play in. The tool is called Jarlsberg. Anyone here take a look at it yet, and have an opinion about it? The description (see below) sounds kinda sorta like OWASP's WebGoat, except that the vulnerable app itself is written in Python. Oh, and the app is available on the web, as well as in source code (under Creative Commons). http://jarlsberg.appspot.com/ There's also an instructor's guide available at: http://code.google.com/edu/submissions/jarlsberg/Jarlsberg_Instructor_Guide.pdf Cheers, Ken ----- Kenneth R. van Wyk KRvW Associates, LLC http://www.KRvW.com Follow us on Twitter at: http://twitter.com/KRvW_Associates -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3337 bytes Desc: not available URL: <http://krvw.com/pipermail/sc-l/attachments/20100505/cc2dfed1/attachment.bin>
Current thread:
- Web Application Exploits and Defenses Kenneth Van Wyk (May 05)
- Web Application Exploits and Defenses Rob Floodeen (May 05)