Thursday, March 3, 2016

OWASP WebGoat and Security Shepherd Projects

If you are new to (web application)security or want to extend your knowledge, the guys from OWASP created 2 great projects to get you started:

OWASP

OWASP WebGoat Project

From the website:

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat. There are other 'goats' such as WebGoat for .Net. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat applications. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application aims to provide a realistic teaching environment, providing users with hints and code to further explain the lesson.

Links:

OWASP Security Shepherd

From the website:

The OWASP Security Shepherd project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or experienced engineers and sharpen their penetration testing skillset to security expert status.

Links:

No comments: