WebGoat

WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application is a realistic teaching environment, providing users with hints and code to further explain the lesson. For downloads and more information, visit the WebGoat homepage.

Popularity
#122, new!
Latest release
  • 5.3 RC1
  • Nov. 1, 2009 (12 years, 7 months ago)
Links
Rating
★★★★★ (1)
★★★★★
100% ★★★★
0% ★★★
0% ★★
0%
0%
Outdated/incomplete?

Screenshot

Comments

★★★★★ devman

Great way to learn about web vulnerabilities. All of the OWASP T10 are included and yo u can learn in a fun way. +1

Comments disabled

Feed for updates.

Home