Search Results for "web security"

The OWASP Security Shepherd project enables users to learn or to improve upon existing manual penetration testing skills. Utilizing the OWASP top ten as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. The by-product of this challenge game is the acquired skill to harden a player's own environment from OWASP top ten security risks. The modules have been crafted to provide not only a challenge for a security novice, but security...

The concept behind DataWoo is to create a Spring-based architecture that allows developers to jump-start their coding efforts by providing a hardened and secure foundation when developing new systems; it can also be used as a reference for incorporating new technologies into existing systems. DataWoo is meant to be a research and development platform that can be extended into just about any enterprise-level web application. The architecture will be developed in three phases: 1. Basic Spring Architecture: Provides all the basic components needed to field an enterprise-level application. 2. Programmatic Security Model: Incorporates the components needed to dynamically assign users to user roles and user roles to profiles. 3. Meta-Driven Architecture: Use meta-data to dynamically configure 80%-90% of the application using the concepts exemplified in the Compiere open source project.

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS...