WebApp Sec mailing list archives
RE: web application scanning tool - any unsecure demo sites out there to run them against?
From: "Chris Grove" <cgrove () imperva com>
Date: Tue, 18 Mar 2008 15:37:20 -0700
You may also want to look into Hackme Casino, Hackme Shipping, Hackme Bank, etc... They are Mcafee / Foundstone tools that are free downloads from their site. They give you an environment that's vulnerable to many different (albeit older) attacks. They can be found here under Foundstone SASS Tools: http://www.foundstone.com/us/resources-free-tools.asp Regards, Chris Grove, CISSP, NSA-IAM Professional Services Consultant iMPERVA +1 (813) 508-8591 Mobile cgrove () imperva com http://iMPERVA.com -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of bigbert007 Sent: Tuesday, March 18, 2008 10:03 AM To: webappsec () securityfocus com Subject: web application scanning tool - any unsecure demo sites out there to run them against? Hi everyone, I'm working on a project that involves evaluation web app scanning tools. I'm looking to run each of the scanning tools against the following app types: 1. J2EE 2. ASP.Net 3. PHP 4. ColdFusion I know that WebGoat is out there on the OWASP site for testing/learning purposes, but I am coming up empty handed for the the other app types. Does anyone have any suggestions for "ready-made" sites like the above that I could get my hands on? Thanks! Bert --- avast! Antivirus: Outbound message clean. Virus Database (VPS): 080318-0, 03/18/2008 Tested on: 3/18/2008 10:02:48 AM avast! - copyright (c) 1988-2008 ALWIL Software. http://www.avast.com ------------------------------------------------------------------------ - Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F ------------------------------------------------------------------------ - ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- web application scanning tool - any unsecure demo sites out there to run them against? bigbert007 (Mar 18)
- RE: web application scanning tool - any unsecure demo sites out there to run them against? Darren Webb (Mar 18)
- RE: web application scanning tool - any unsecure demo sites out there to run them against? Chris Grove (Mar 18)
- <Possible follow-ups>
- Fwd: Re: web application scanning tool - any unsecure demo sites out there to run them against? RUI PEREIRA - WCG (Mar 18)
- RE: Re: web application scanning tool - any unsecure demo sites out there to run them against? Thakrar, Saurabh (Mar 18)