WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Web Security Dojo v1.0 release

From: Steve Pinkham <steve.pinkham () gmail com>
Date: Thu, 25 Feb 2010 12:54:01 -0500
Web Security Dojo v1.0 is now available for free at
http://dojo.mavensecurity.com

Web Security Dojo is a turnkey web application security lab with tools,
targets, and training materials built into a Virtual Machine(VM).
It is ideal for both self-instruction and training classes since
everything is pre-configured and no external network connection is
needed.  All tools and targets are configured to use non-conflicting
ports and a Firefox proxy switcher is set up to match.

Web Security Dojo is an open source project built on Ubuntu and hosted
at SourceForge. It is available in three flavors: a Virtualbox VM, VMWare VM, and a build script which can be used on a standard Ubuntu 9.10 install to produce the Dojo. 
Collaboration and contributions are welcomed.

Major highlights:
Targets:
    * OWASP WebGoat
    * Damn Vulnerable Web App
    * Hacme Casino
    * OWASP InsecureWebApp
    * custom PHP scripts including REST and JSON labs

Tools:
    * Burp Suite (free version)[Thanks to Portswigger for permission to
redistribute]
    * w3af
    * OWASP Skavenger
    * OWASP Dirbuster
    * Paros
    * Webscarab
    * Ratproxy
    * sqlmap
    * helpful Firefox add-ons

For a quick start grab the VM from http://dojo.mavensecurity.com and
read the included Readme file and/or watch the intro video at
http://www.youtube.com/watch?v=lum6bSsyJ38.

--
 | Steven Pinkham, Security Researcher    |
 | http://www.mavensecurity.com           |
 | GPG public key ID CD31CAFB             |




This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus 
--------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: