Home / documentation
Name Modified Size Downloads / Week Status
Parent folder
Totals: 7 Items   3.4 MB 117
change-log.html 2014-03-11 109.3 kB 22 weekly downloads
listing-of-vulnerabilities-in-mutillidae.txt 2013-11-17 8.5 kB 2828 weekly downloads
kentuckiana-issa-2012-conference-presentation-nowasp-mutillidae.pptx 2012-10-05 1.7 MB 22 weekly downloads
tips-on-php-strict-errors.txt 2012-08-10 1.2 kB 88 weekly downloads
tips-for-running-mutillidae-over-virtual-box-host-only-network.txt 2012-02-15 1.8 kB 1313 weekly downloads
mutillidae-installation-on-xampp-win7.pdf 2012-02-15 1.6 MB 2121 weekly downloads
mutillidae-installation-options.txt 2012-02-15 6.6 kB 4343 weekly downloads
Please see the documentation folder for installation instructions including information on suppressing PHP errors related to the project using OWASP ESAPI. *********************************** * Project Updates/Releases * *********************************** Project Updates/Releases : Twitter @webpwnized (http://twitter.com/webpwnized) *********************************** * Project Whitepaper * *********************************** Project Whitepaper: http://www.giac.org/paper/gwapt/3387/introduction-owasp-mutillidae-ii-web-pen-test-training-environment/126917 *********************************** * Download (GIT) * *********************************** Sourceforge GIT: https://sourceforge.net/p/mutillidae/git/ci/master/tree/ git clone git://git.code.sf.net/p/mutillidae/git mutillidae-git *********************************** * Download (ZIP) * *********************************** Sourceforge: https://sourceforge.net/projects/mutillidae/files/ NOTE: GIT updated (much) more frequently. ZIP will not be latest release. *********************************** * Documentation * *********************************** Project Whitepaper: http://www.giac.org/paper/gwapt/3387/introduction-owasp-mutillidae-ii-web-pen-test-training-environment/126917 Documentation: https://sourceforge.net/projects/mutillidae/files/documentation/ - Please note help file "tips-on-php-strict-errors.txt" concerning PHP strict errors *********************************** * Instructional Videos * *********************************** Web Pen Testing Instructional Videos: http://www.youtube.com/user/webpwnized/ ********************************************************************** * Installation/Introduction Videos * ********************************************************************** Mutillidae: Quickstart guide to installing NOWASP Mutillidae on Windows with XAMPP: https://www.youtube.com/watch?v=1hF0Q6ihvjc NOWASP Mutillidae: How to install and configure Burp-Suite with Firefox: https://www.youtube.com/watch?v=Fj0n17Jtnzw NOWASP Mutillidae: How to remove PHP errors after installing Mutillidae on Windows XAMPP: https://www.youtube.com/watch?v=kDo52RySRME NOWASP Mutillidae: Installing latest Mutillidae on Samurai WTF version 2: https://www.youtube.com/watch?v=y-Cz3YRNc9U KY ISSA Conference: Introduction to NOWASP Mutillidae Web Pen Testing Environment: https://www.youtube.com/watch?v=CYsiNYeAS6U *********************************** * Installation on XAMPP * *********************************** Quickstart Installation Video (YouTube): http://youtu.be/1hF0Q6ihvjc ********************************************************************************* * Separate Installation on Samurai WTF 2.0 (Without disturbing default version) * ********************************************************************************* Quickstart Installation Video (YouTube): http://youtu.be/y-Cz3YRNc9U Installation requires downloading the latest verion of NOWASP Mutillidae, unzipping the Zip file which contains a single folder named "mutillidae", and placing the "mutillidae" folder into /var/www directory. 1. Download latest version of Mutillidae 2. Unzip the latest version (the only folder in the ZIP file is the "mutillidae" folder) cd ~/Downloads unzip <name of download> 3. Become root user sudo -s 4. Copy the latest version to /var/www cp -R mutillidae /var/www/ Configuration is done by opening the /var/www/mutillidae/classes/MySQLHandler.php file and changing the default MySQL password from blank empty string to "samurai". 5. In file /var/www/mutillidae/classes/MySQLHandler.php, change the default MySQL password from blank empty string to "samurai". Starting the project is done by browsing to http://localhost/mutillidae and clicking the Reset-DB button on the menu bar. 6. Browse to http://localhost/mutillidae 7. Click the "ResetDB" button on the menu bar. *************************************************************** * Activate default version on Samurai WTF 2.0 * *************************************************************** By default on SamuraiWTF 2.0, the hosts file does not point to the web pen testing targets. However, the hosts.samurai file contains all the neccesary links. By copying the hosts.samurai file over the default hosts file, the menu links will operate and all the targets (including Mutillidae) will be available. As root user: sudo -s Backup the existing hosts file mv /etc/hosts /etc/hosts.original.backup Copy the SamuraiWTF hosts file to the hosts file cp /etc/hosts.samurai /etc/hosts Confirm overwrite if needed Menu shortcut is Applications -> Samurai -> Targets -> Mutillidae *************************************************************** * Installation on Samurai WTF 2.0 (Replacing default version) * *************************************************************** Activate default version if not already completed (see above) As root user: sudo -s Backup existing copy of mutillidae in the /usr/share directory 1. Backup the entire /usr/share/mutillidae directory mv /usr/share/mutillidae /usr/share/mutillidae.original.backup Installation requires downloading the latest verion of NOWASP Mutillidae, unzipping the Zip file which contains a single folder named "mutillidae", and placing the "mutillidae" folder into /var/www directory. 2. Download latest version of Mutillidae 3. Unzip the latest version (the only folder in the ZIP file is the "mutillidae" folder) cd ~/Downloads unzip <name of download> 4. Copy the latest version to /usr/share/ cp -R mutillidae /usr/share/mutillidae Configuration is done by opening the /usr/share/mutillidae/classes/MySQLHandler.php file and changing the default MySQL password from blank empty string to "samurai". 5. In file /usr/share/mutillidae/classes/MySQLHandler.php, change the default MySQL password from blank empty string to "samurai". Starting the project is done by browsing to http://localhost/mutillidae and clicking the Reset-DB button on the menu bar. 6. Browse to http://mutillidae 7. Click the "ResetDB" button on the menu bar.
Source: readme.txt, updated 2013-10-24