wavsep

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners.

This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.

Visit WAVSEP homepage to learn more:
https://code.google.com/p/wavsep/

The project includes the following test cases:

Path Traversal/LFI: 816 test cases (GET & POST)
Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST)
Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST)
Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST)
Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST)
Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow wavsep

wavsep Web Site

Other Useful Business Software

Our Free Plans just got better! | Auth0

With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.

Try free now

Rate This Project

User Reviews

Be the first to post a review of wavsep!

Additional Project Details

Operating Systems

Linux, Windows

Languages

English

Intended Audience

Education, Developers, Quality Engineers, Testers, Security Professionals, Security

User Interface

Web-based

Programming Language

JSP, Java

Database Environment

JDBC, MySQL, Other file-based DBMS

Related Categories

JSP Security Software, JSP Software Testing Tool, JSP Benchmark Software, JSP Vulnerability Scanners, Java Security Software, Java Software Testing Tool, Java Benchmark Software, Java Vulnerability Scanners

Registered

2014-01-29

Similar Business Software

VulnSign

VulnSign is an online vulnerability scanner that is fully automated, customer-orient configurable and has advanced features. VulnSign can scan any type of web application, regardless of the technology it was built with. It uses a Chrome based crawling engine and can identify vulnerabilities in...

See Software
WebScanner

DefenseCode WebScanner is a DAST (Dynamic Application Security Testing, BlackBox Testing) solution for comprehensive security audits of active web applications (websites). WebScanner will test a website’s security by carrying out a large number of attacks using the most advanced techniques, just...

See Software
Probely

Probely is a web vulnerability scanner for agile teams. It provides continuous scanning of web applications and lets you efficiently manage the lifecycle of the vulnerabilities found, in a sleek and intuitive web interface. It also provides simple instructions on how to fix the...

See Software