Web Security Dojo

Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script for those brave souls that want transform their stock Ubuntu into a virtual dojo. Bow to your sensei!

username: dojo
password: dojo

Features

vulnerable web applications
common web security testing tools
popular industry web application security guidelines
walk-throughs of several targets (no peeking ahead)
no Internet connect required to use

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 2.0 (GPLv2)

Follow Web Security Dojo

Web Security Dojo Web Site

Other Useful Business Software

Securden Privileged Account Manager

Unified Privileged Access Management

Discover and manage administrator, service, and web app passwords, keys, and identities. Automate management with approval workflows. Centrally control, audit, monitor, and record all access to critical IT assets.

Learn More

Rate This Project

User Ratings

5.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5

User Reviews

Filter Reviews:

All

omnilord Posted 2019-07-20

This is a pretty decent package for getting used to working with some commonly available cyber security tools.
flyfoxtwo Posted 2012-07-28

very good !!!!
rubern Posted 2010-02-28

Web Security Dojo makes it so easy to get started with learning about web application vulnerabilities. Saves so much of time setting up different applications. Instead we get everything in one easy to use package.

Additional Project Details

Operating Systems

Linux, Mac, Windows

Intended Audience

Information Technology, Education, Security Professionals, Security

Programming Language

Unix Shell, Python, PHP, JavaScript, Java

Registered

2009-11-01

Similar Business Software

Virtual Hacking Labs

Purchase an access plan and get access within 24 hours. Download the courseware and a preconfigured pentesting machine. Study the courseware carefully and get ready to enter the labs to hack your way into 45+ lab machines. Write your report and earn the 2 available VHL certificates of completion...

See Software
OWASP ZAP

OWASP ZAP (Zed Attack Proxy) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. At its core, ZAP is what is known...

See Software
Intigriti

Intigriti is a web-based application, used by organizations around the globe to carry out continuous security testing in the form of a bug bounty program. Intigriti works with IT and security teams across numerous verticals, including HR, Retail, eCommerce, Food & Beverages, Government...

See Software