Projects/OWASP Rails Goat Project

=Main=



{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 * valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

OWASP Railsgoat Project
This is a Rails application which is vulnerable to the OWASP Top 10. It is intended to show how each of these categories of vulnerabilities can manifest themselves in a Rails-specific way as well as provide the subsequent mitigations for each.

Introduction
Ruby on Rails is an incredibly popular web development framework. There are security concerns whether it be configuration related or language specific, developer-introduced vulnerabilities. Railsgoat comes pre-packaged with a tutorial section that covers the description of an issue, where the code flaw exists within the application, solution (for attack and prevention/mitigation), as well as a hint for those that would like to try and find the vulnerabilities themselves.

Additionally, Railsgoat contains Unit-Tests that demonstrate the basics of writing security-based Unit-Tests.

Description

 * Project information: http://railsgoat.cktricky.com
 * Source code: https://github.com/OWASP/railsgoat

Licensing
OWASP Railsgoat is free to use. It is licensed under the MIT license.


 * valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

Project Leader
Ken Johnson & Mike McCabe

Quick Download

 * https://github.com/OWASP/railsgoat

Classifications

 * }

= Acknowledgements =

Volunteers
NodeGoat is developed by a worldwide team of volunteers. The contributors to date have been:


 * Ken Johnson
 * Mike McCabe
 * Al Snow
 * James Espinosa

Others
= Road Map and Getting Involved =

Road Map
https://github.com/OWASP/railsgoat/issues

Getting Involved
Submit GitHub Pull Requests to add code. Submit Issues to make feature requests.

To contribute, or to know more, contact at ken (DOT) johnson (AT) owasp (DOT) org

=FAQs=

=Project About=