WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application is a realistic teaching environment, providing users with hints and code to further explain the lesson. For downloads and more information, visit the WebGoat homepage.
- Popularity
- #122, new!
- Latest release
- 5.3 RC1
- Nov. 1, 2009 (15 years, 4 months ago)
- Links
- Rating
- ★★★★★ (1)
★★★★★100% ★★★★0% ★★★0% ★★0% ★0%
Great way to learn about web vulnerabilities. All of the OWASP T10 are included and yo u can learn in a fun way. +1