wavsep

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners.

This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.

Visit WAVSEP homepage to learn more:
https://code.google.com/p/wavsep/

The project includes the following test cases:

Path Traversal/LFI: 816 test cases (GET & POST)
Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST)
Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST)
Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST)
Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST)
Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow wavsep

wavsep Web Site

Other Useful Business Software

Outgrown Windows Task Scheduler?

Free diagnostic identifies where your workflow is breaking down—with instant analysis of your scheduling environment.

Windows Task Scheduler wasn't built for complex, cross-platform automation. Get a free diagnostic that shows exactly where things are failing and provides remediation recommendations. Interactive HTML report delivered in minutes.

Download Free Tool

Rate This Project

User Reviews

Be the first to post a review of wavsep!

Additional Project Details

Operating Systems

Linux, Windows

Languages

English

Intended Audience

Developers, Education, Quality Engineers, Security, Security Professionals, Testers

User Interface

Web-based

Programming Language

Java, JSP

Database Environment

JDBC, MySQL, Other file-based DBMS

Related Categories

JSP Security Software, JSP Software Testing Tool, JSP Benchmark Software, JSP Vulnerability Scanners, Java Security Software, Java Software Testing Tool, Java Benchmark Software, Java Vulnerability Scanners

Registered

2014-01-29

Similar Business Software

Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Kasm Workspaces

Kasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm uses our high-performance streaming and secure isolation technology to provide web-native Desktop as a Service (DaaS), application streaming, and secure/private web...

See Software
Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software
SOCRadar Extended Threat Intelligence

SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack...

See Software