Difference between revisions of "OWASP/Training/OWASP WebGoat Project"

Jump to: navigation, search
Line 23: Line 23:
| Material = [http://www.owasp.org/index.php/File:OWASPAppSec2007Milan_WebGoatv5.ppt Web Goat Presentation]
| Material = [http://www.owasp.org/images/5/55/OWASP_WebGoat.ppt Web Goat Presentation]

Revision as of 07:28, 16 April 2010

OWASP WebGoat Project
Overview & Goal
Web Goat is a deliberately insecure J2EE web application to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. The application is a realistic teaching environment, providing users with hints and code to further explain the lesson. The primary goal of the WebGoat project is simple: create a de-facto interactive teaching environment for web application security.
Contents Materials
WebGoat is written in Java and therefore installs on any platform with a Java virtual machine. Once deployed, the user can go through the lessons and track their progress with the scorecard. There are currently over 30 lessons, including those dealing with the following issues:


Web Goat Presentation