OWASP iGoat Project
Welcome to the iGoat OWASP project home page.
iGoat is a learning tool for iOS developers (iPhone, iPad, etc.). It was inspired by the WebGoat project, and has a similar conceptual flow to it.
As such, iGoat is a safe environment where iOS developers can learn about the major security pitfalls they face as well as how to avoid them. It is made up of a series of lessons that each teach a single (but vital) security lesson.
The lessons are laid out in the following steps:
- Brief introduction to the problem.
- Verify the problem by exploiting it.
- Brief description of available remediations to the problem.
- Fix the problem by correcting and rebuilding the iGoat program.
Step 4 is optional, but highly recommended for all iOS developers. Assistance is available within iGoat if you don't know how to fix a specific problem.
iGoat is free software, released under the GPLv3 license.
iGoat can be downloaded here: http://code.google.com/p/owasp-igoat/
iGoat has been designed and built to be a foundation on which to build a series of iOS security lessons. The initial iGoat release will include a handful of lessons to work through, but one of the aims of the project is to build a community of developers to help build out additional lessons over time -- much as WebGoat has before it.
Interested contributors are encouraged to contact the project leader (Ken van Wyk, firstname.lastname@example.org) to find out how they can contribute to future releases of iGoat.
The iGoat project was launched in May 2011. Version 2.1 was released on 9 April 2014. Source repository and download site:
| PROJECT INFO
What does this OWASP project offer you?
| RELEASE(S) INFO|
What releases are available for this project?