OWASP WebGoat Project

Detailed solution hints
WebGoat in action

WebGoat is a deliberately insecure web application maintained by OWASP, designed to teach web application security lessons. You can install and practice with WebGoat in either J2EE (this page) or WebGoat for .Net in ASP.NET. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. Why the name "WebGoat"? To get started, read the WebGoat User and Install Guide.

Goals
Web application security is difficult to learn and practice. The primary goal of the WebGoat project is simple: create a de-facto interactive teaching environment for web application security.

Overview
Performing session hijacking
WebGoat for J2EE is written in Java and therefore installs on any platform with a Java virtual machine. For more details, please see the WebGoat User and Install Guide.

Future Development
WebGoat has been fairly stable for a few years.

Current Downloads
WebGoat 5.2 Standard
v3n0m-Scanner/Linux-v3n0m · GitHub

Same-origin policy
Security measure for client-side scripting

This mechanism bears a particular significance for modern web applications that extensively depend on HTTP cookies[1] to maintain authenticated user sessions, as servers act on the HTTP cookie information to reveal sensitive information or take state-changing actions. A strict separation between content provided by unrelated sites must be maintained on the client side to prevent the loss of data confidentiality or integrity.

It is very important to remember that the same-origin policy applies only to scripts. This means that resources such as images, CSS, and dynamically loaded scripts can be accessed across origins via the corresponding HTML tags[2] (with fonts being a notable exception[3]). Cross-site request forgery attacks take advantage of the fact that the same-origin policy does not apply to HTML tags.

History
The concept of the same-origin policy dates back to Netscape Navigator 2 in 1995.

Implementation

JSONP
What is Mutillidae?

Mutillidae is a free, open source web application provided to allow security enthusiasts to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMPP, making it easy for users who do not want to install or administer their own web server. It is already installed on Samurai WTF. Mutillidae has been tested/attacked with Cenzic Hailstorm ARC, W3AF, SQLMAP, Samurai WTF, Backtrack, HP WebInspect, Burp Suite, NetSparker Community Edition, and other tools. The current version of Mutillidae, code named "NOWASP Mutillidae 2.x", was developed by Jeremy Druin aka webpwnized.

Twitter: @webpwnized

Usage Instructions
Mutillidae contains all of the vulnerabilities from the OWASP Top 10. Go to the OWASP Top 10 page to read about a vulnerability, then choose it from the list on the left to try it out.

Notes
Damn Vulnerable Web App

Cross-origin resource sharing
Mechanism to request restricted resources from another domain

CORS defines a way in which a browser and server can interact to determine whether or not it is safe to allow the cross-origin request.[3] It allows for more freedom and functionality than purely same-origin requests, but is more secure than simply allowing all cross-origin requests. The specification for CORS was originally published as a W3C Recommendation,[4] but that document is obsolete.[5] The current actively maintained specification that defines CORS is WHATWG's Fetch Living Standard.[6]

How CORS works
The CORS standard describes new HTTP headers which give browsers a way to request remote URLs only when they have permission.

Simple example
Suppose a user visits and the page attempts a cross-origin request to fetch the user's data from

Preflight example
OPTIONS /
Host: service.example.com
Origin:

History
Deliberately Insecure Web Applications For Learning Web App Security

Over the last few months I've been teaching free classes for the ISSA Kentuckiana chapter in Louisville, Kentucky. After doing one on Nmap and another on Sniffers, I talked it over with my buddies Brian and Jeff and decided that the next one should be on web application vulnerabilities. Now the question becomes what to test against in a classroom environment? To tell the truth, I'm not as up on web application security as I think I need to be to teach the class yet, and I don't want to have to develop my own insecure code just to have something to test against in the lab. What I needed were deliberately insecure web applications designed for learning.

1. BadStore
Link:
Platform: Perl, Apache and MySQL
Install: Meant to run by booting a Live CD, but I'd recommend using my Live CD VMX
Notes: Easy to set up, and it's nice that you can run it from a VM with a little work.

Other Resources

Change log:
BlackArch - ArchWiki

Specialty Distributions

alphaOS
alphaOS is a simple and minimalistic Linux distribution for the x86-64 architecture, built using the Linux Live Kit set of scripts developed by Tomas M. It is based on Arch Linux and uses pacman as the default package manager.

Antergos
Antergos is an elegant and very customizable system for the desktop.

ArchAssault
ArchAssault: everything you love about Arch Linux, but with security professionals and hackers in mind. The ARM line is to help you build the security devices of your dreams with the many open source devices on the market.

ArchBang
ArchBang LIVE CD = Arch Linux w/ Openbox (the name is inspired by CrunchBang Linux, which is Debian Linux w/ Openbox).

ArchEX
ArchEX, based on Arch Linux, is one of the Linux Live DVDs created by C.A.
Homepage:
Screenshot:
DistroWatch Entry:

Arch Linux ARM
Arch Linux ARM is the new unified effort from PlugApps & ArchMobile.

archboot

BBQLinux
OPTIONS - HTTP

The HTTP OPTIONS method is used to describe the communication options for the target resource. The client can specify a URL for the OPTIONS method, or an asterisk (*) to refer to the entire server.

Syntax
OPTIONS /index.html HTTP/1.1
OPTIONS * HTTP/1.1

Examples

Identifying allowed request methods
To find out which request methods a server supports, one can use curl and issue an OPTIONS request:

curl -X OPTIONS -i

The response then contains an Allow header with the allowed methods:

HTTP/1.1 204 No Content
Allow: OPTIONS, GET, HEAD, POST
Cache-Control: max-age=604800
Date: Thu, 13 Oct 2016 11:45:00 GMT
Expires: Thu, 20 Oct 2016 11:45:00 GMT
Server: EOS (lax004/2813)
x-ec-custom-error: 1

Preflighted requests in CORS
In CORS, a preflight request with the OPTIONS method is sent first, so that the server can respond whether it is acceptable to send the actual request with these parameters (method and headers).

Specifications

Browser compatibility
OWASP Broken Web Applications Project

Main
The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in:
- learning about web application security
- testing manual assessment techniques
- testing automated tools
- testing source code analysis tools
- observing web attacks
- testing WAFs and similar code technologies

all the while saving people interested in either learning or testing the pain of having to compile, configure, and catalog all of the things normally involved in doing this process from scratch. We urge interested parties to join our Google Group or check out our Google Code Page.

Direct Download link

This project is sponsored in part by

News
27-Sep-2013 -- OWASP Broken Web Applications version 1.1.1 was released.
30-Jul-2013 -- OWASP Broken Web Applications version 1.1 was released.
25-Jul-2012 -- Chuck Willis demonstrates OWASP BWA at the Black Hat USA Arsenal.
24-Jul-2012 -- OWASP Broken Web Applications version 1.0 was released.