WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

New OWASP .NET Project and WebGoat 3.0 Beta Released

From: Mark Curphey <mark () curphey com>
Date: Wed, 07 Jan 2004 15:44:56 -0500 (EST)
We are very pleased to announce a new collection of projects at OWASP focusing on ASP.NET. Lead by Dinis Cruz of DDPlus 
in the UK, the projects inherit ANSA, an ASP.NET security analyzer, ABS a classic ASP security analyzer as well as some 
papers and tools for testing the security of ASP.NET is shared hosting environments. 

These projects originally started life at www.gotdotnet.com and have now moved to be the initial core of the OWASP.NET 
projects that we hope to grow pretty rapidly over the year. Dinis is actively looking for other .NET developers that 
can help him enhance the current code base and develop new projects such as a C# XSS tester and other ideas. 

You can download ANSA Version 0.3 at Sourceforge using

http://cvs.sourceforge.net/viewcvs.py/*checkout*/owasp/dotnet/ansa/dist/owasp-ansa_03.zip?rev=1.1

Look for the other initial projects code and new project information online very soon.   If you are interested in 
developing or have projects or code you wish to contribute (as always open source copyrighted to the FSF.

We are also very pleased to be able to release the Version 3.0 Beta of WebGoat. WebGoat is an interactive web 
application security training tool written by Aspect Security with lessons on topics like SQL Injection, XSS and so on. 
This version fixes many bugs, has a much nicer installer and a new feature called the ScoreCard. The Scorecard keeps 
track of whether you have turned on hints and how many times you had to attempt each exploit before you were 
successful. ItÂ’s a pretty reasonable benchmark to see how good you or your tools are! The final version is scheduled to 
be released in a week or so when we release the OWASP Top 10 for 2004. WebGoat version 3 has (or will have) lessons for 
each category in the Top Ten. Big thanks to Bruce Mayhew and Jeff Williams and Bill Hau for their hard work on this.

You can download OWASP WebGoat Verison 3.0 from Sourceforge

Windows Installer

http://cvs.sourceforge.net/viewcvs.py/*checkout*/owasp/webgoat/dist/install_WebGoat-3.0_windows.jar?rev=1.2

Unix Installer

http://cvs.sourceforge.net/viewcvs.py/*checkout*/owasp/webgoat/dist/install_WebGoat-3.0_unix.jar?rev=1.2

Enjoy !!!
Previous By Date Next
Previous By Thread Next

Current thread: