WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Web Pen Test Honeypot

From: "Paul Melson" <pmelson () gmail com>
Date: Fri, 11 Jul 2008 11:37:52 -0400
What I need is a web application that has known security issues. I would
prefer one that was intentionally written to have scanners pointed to it
for testing the scanners.


http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
http://www.foundstone.com/us/resources/proddesc/hacmebank.htm
http://hackme.ntobjectives.com/

Be aware that most of the tools out there have been tested against these
test sites already and will find most of their vulnerabilities.  It's not
really a realistic evaluation of how they will fare against your site and
its applications.  But it will definitely put high-severity findings on the
report.

PaulM




-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web application security assessments should be 
considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: