OWASP WebGoat + WebScarab
一、OWASP WebScarab Project
a tool for performing all types of security testing on web applications and web services
a tool for performing all types of security testing on web applications and web services
安裝方法:
Linux: java -jar ./webscarab-selfcontained-[numbers].jar
Windows: double-click the installer jar file
Linux: java -jar ./webscarab-selfcontained-[numbers].jar
Windows: double-click the installer jar file
A Mac OS X package of the latest version can usually be found on Corsaire's download page.
You can also try the Java Web Start version, which was signed by Rogan Dawes.
演示&教程下載地址:
1. [url]http://sourceforge.net/project/showfiles.php?group_id=233075&package_id=286265[/url]
2. [url]http://yehg.net/lab/pr0js/training/webscarab.php[/url]
演示&教程下載地址:
1. [url]http://sourceforge.net/project/showfiles.php?group_id=233075&package_id=286265[/url]
2. [url]http://yehg.net/lab/pr0js/training/webscarab.php[/url]
截圖:
二、OWASP WebGoat Project
an online training environment for hands-on learning about application security
鬼仔注:也是WebScarab的那些演示中用的那套系統。
an online training environment for hands-on learning about application security
鬼仔注:也是WebScarab的那些演示中用的那套系統。
安裝方法:
* Double-click on webgoat.bat - a Tomcat command window starts
* Browse to [url]http://localhost/WebGoat/attack[/url]
* Double-click on webgoat.bat - a Tomcat command window starts
* Browse to [url]http://localhost/WebGoat/attack[/url]
截圖: