Difference between revisions of "OWASP Bricks"

From OWASP
Jump to: navigation, search
m
(11 intermediate revisions by one user not shown)
Line 6: Line 6:
 
* The mission is to 'break the bricks' and thus learn the various aspects of web application security.<br><br>
 
* The mission is to 'break the bricks' and thus learn the various aspects of web application security.<br><br>
  
'''[http://sechow.com/bricks/download.html Download Bricks] | [https://www.youtube.com/OWASPBricks Watch videos] | [http://sechow.com/bricks/docs/ Documentation]<br><br>
+
'''[http://sechow.com/bricks/download.html Download Bricks] | [https://www.youtube.com/OWASPBricks Watch videos] | [http://sechow.com/bricks/docs/ Documentation]<br>
 
= Bricks =
 
= Bricks =
  
Line 19: Line 19:
 
| Log in page #1
 
| Log in page #1
 
| bricks/login-1/
 
| bricks/login-1/
| [http://sechow.com/bricks/docs/login-1.html Text] | [http://www.youtube.com/watch?v=mCo6ajvBv50 Video]
+
| [http://sechow.com/bricks/docs/login-1.html Text][http://www.youtube.com/watch?v=mCo6ajvBv50 Video]
 
|-
 
|-
 
| 2
 
| 2
| File upload page #2
+
| File upload page #1
 
| bricks/upload-1/
 
| bricks/upload-1/
| [http://sechow.com/bricks/docs/file-upload-1.html Text] | [http://www.youtube.com/watch?v=N6SAzEkgJ3s Video]
+
| [http://sechow.com/bricks/docs/file-upload-1.html Text], [http://www.youtube.com/watch?v=N6SAzEkgJ3s Video]
 
|-
 
|-
 
| 3
 
| 3
| Content page #3
+
| Content page #1
 
| bricks/content-1/
 
| bricks/content-1/
| [http://sechow.com/bricks/docs/content-page-1.html Text] | [http://www.youtube.com/watch?v=j5I0wPvQxTg Video]
+
| [http://sechow.com/bricks/docs/content-page-1.html Text], [http://www.youtube.com/watch?v=j5I0wPvQxTg Video]
 +
|-
 +
| 4
 +
| Log in page #2
 +
| bricks/login-2/
 +
| [http://sechow.com/bricks/docs/login-2.html Text], [http://www.youtube.com/watch?v=nZYejElQxhk Video]
 +
|-
 +
| 5
 +
| Content page #2
 +
| bricks/content-2/
 +
| [http://sechow.com/bricks/docs/content-page-2.html Text], [http://www.youtube.com/watch?v=7TkRBREYn6Y Video]
 +
|-
 +
| 6
 +
| File upload page #2
 +
| bricks/upload-2/
 +
| [http://sechow.com/bricks/docs/file-upload-2.html Text], [http://www.youtube.com/watch?v=tsDClYorsXI Video]
 +
|-
 +
| 7
 +
| Log in page #3
 +
| bricks/login-3/
 +
| [http://sechow.com/bricks/docs/login-3.html Text], [http://www.youtube.com/watch?v=Glsl-UR2OmU Video]
 
|-
 
|-
 
|}
 
|}
<br>
 
 
= Road map =
 
= Road map =
 
# Demonstrate maximum variations of most common vulnerabilities
 
# Demonstrate maximum variations of most common vulnerabilities
Line 44: Line 63:
 
=Project About=
 
=Project About=
 
{{:Projects/OWASP_Bricks}}  
 
{{:Projects/OWASP_Bricks}}  
[[Category:OWASP Project]]
+
[[Category:OWASP Project|Bricks]]
 +
[[Category:OWASP Download|Bricks]]
 +
[[Category:OWASP Tool|Bricks]]
 +
[[Category:OWASP Alpha Quality Tool|Bricks]]

Revision as of 08:22, 13 July 2013

OWASP Bricks

  • Bricks is a deliberately vulnerable web application built on PHP and MySQL.
  • The project focuses on variations of commonly seen application security vulnerabilities and exploits.
  • Each 'brick' has some sort of vulnerability which can be exploited using tools (Mantra and ZAP).
  • The mission is to 'break the bricks' and thus learn the various aspects of web application security.

Download Bricks | Watch videos | Documentation

Bricks

Challenge Page URL Documentations
1 Log in page #1 bricks/login-1/ Text, Video
2 File upload page #1 bricks/upload-1/ Text, Video
3 Content page #1 bricks/content-1/ Text, Video
4 Log in page #2 bricks/login-2/ Text, Video
5 Content page #2 bricks/content-2/ Text, Video
6 File upload page #2 bricks/upload-2/ Text, Video
7 Log in page #3 bricks/login-3/ Text, Video

Road map

  1. Demonstrate maximum variations of most common vulnerabilities
  2. Help people to learn the need of secure codding practices and SSDLC
  3. Attract people to design more bricks
  4. Become a test bed for analyzing the performance of web application security scanners.
  5. Help people learn the manual method of testing the applications
  6. Demonstrate the possibilities of various security tools and techniques
  7. Become a platform to teach web application security in a class room/lab environment.

Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Bricks (home page)
Purpose: Bricks, a deliberately vulnerable web application built on PHP & MySQL focuses on variations of commonly seen application security vulnerabilities & exploits, which can be exploited using tools (Mantra & ZAP). The mission is to 'break the bricks'.
License: Apache 2.0 License (fewest restrictions, even allowing proprietary modifications and proprietary forks of your project)
who is working on this project?
Project Leader(s):
  • Abhi M Balakrishnan @
how can you learn more?
Project Pamphlet: View
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Abhi M Balakrishnan @ to contribute to this project
  • Contact Abhi M Balakrishnan @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Tuivai - 30 November 2013 - (download)
Release description: 13th public release
Rating: Projects/OWASP Bricks/GPC/Assessment/Tuivai
last reviewed release
Not Yet Reviewed


other releases