Home page logo
/

WebGoat

WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application is a realistic teaching environment, providing users with hints and code to further explain the lesson. For downloads and more information, visit the WebGoat homepage.

Popularity #122, new!
Rating ★★★★★ (1)
Latest release 5.3 RC1
Nov. 1, 2009
(5 years, 1 month ago)
Homepage/Download
Outdated/incomplete?
★★★★★ 
 100%
★★★★ 
 0%
★★★ 
 0%
★★ 
 0%
★ 
 0%
Screenshot

Comments

★★★★★ devman

Great way to learn about web vulnerabilities. All of the OWASP T10 are included and yo u can learn in a fun way. +1

Your comment

Along with your rating, you can use the comment form to post a review, tutorial, tips and tricks, or anything else others will find useful. If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).

 
 
  (will not be shown, will not be spammed)
  (web site, Twitter, Facebook, etc.)
(At least 50 characters. No markup is allowed. URLs will be made into links.)
 What is the length of an IPv6 address, in bytes? (antispam)

Feed for updates.

Home

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]