wavsep

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners.

This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.

Visit WAVSEP homepage to learn more:
https://code.google.com/p/wavsep/

The project includes the following test cases:

Path Traversal/LFI: 816 test cases (GET & POST)
Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST)
Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST)
Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST)
Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST)
Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow wavsep

wavsep Web Site

Other Useful Business Software

Gen AI apps are built with MongoDB Atlas

Build gen AI apps with an all-in-one modern database: MongoDB Atlas

MongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.

Start Free

Rate This Project

User Reviews

Be the first to post a review of wavsep!

Additional Project Details

Operating Systems

Linux, Windows

Languages

English

Intended Audience

Developers, Education, Quality Engineers, Security, Security Professionals, Testers

User Interface

Web-based

Programming Language

Java, JSP

Database Environment

JDBC, MySQL, Other file-based DBMS

Related Categories

JSP Security Software, JSP Software Testing Tool, JSP Benchmark Software, JSP Vulnerability Scanners, Java Security Software, Java Software Testing Tool, Java Benchmark Software, Java Vulnerability Scanners

Registered

2014-01-29

Similar Business Software

Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Kasm Workspaces

Kasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm uses our high-performance streaming and secure isolation technology to provide web-native Desktop as a Service (DaaS), application streaming, and secure/private web...

See Software
Ninox

Ninox is your solution for organizing and managing complex data in a structured and efficient way. With its highly flexible user interface, you can analyze, process, and evaluate any type of data. Additionally, the Ninox API enables seamless integration with services like Google for enhanced...

See Software
Criminal IP

Criminal IP is a comprehensive threat intelligence search engine that detects vulnerabilities of personal and corporate cyber assets in real time and facilitates preemptive responses accordingly. Originated from the idea that individuals and corporations would be able to strengthen their cyber...

See Software