WebApp Sec
mailing list archives
Hacme Casino v1.0
From: <alex.smolen () foundstone com>
Date: Thu, 24 Aug 2006 17:15:07 -0700
Announcing the new addition to the Hacme, Inc. series of Foundstone free
tools, Hacme Casino!
Hacme Casino is an online casino, built with Ruby on Rails, with plenty
of AJAX functionality. It has security vulnerabilities "baked-in", and
is meant to help educate developers and testers about web application
security in the context of new technologies.
If you are interested in the security aspects of Ruby on Rails and AJAX,
give Hacme Casino a try. It's a completely self-contained Ruby WEBrick
server and Rails application in a simple exe.
Vulnerabilities:
- Blind SQL Injection
- Cross-Site Request Forgery
- Improper Session Management
- Good, old fashioned cheating!

Features:
- Multiple Users (Login and Register)
- Blackjack
- Video Poker
- Roulette (Coming Soon!)
http://www.foundstone.com/resources/proddesc/hacmecasino.htm
So go ahead, try your luck, see if you can break the bank at Hacme
Casino!
Alex Smolen
Hacme Casino Author
Consultant, Foundstone Professional Services