OWASP Broken Web Applications Project

Owaspbwa - OWASP Broken Web Applications Project

Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with their no-cost VMware Player and VMware Server products (along with their commercial products).

Led by Chuck Willis (chuck (at) securityfoundry (dot) com) and sponsored by Mandiant (www.mandiant.com).

This project now has a Google Group available at http://groups.google.com/group/owaspbwa/. Feel free to post any questions or comments on the project to that group.

Note - This project is a collection of open source software from various sources, along with some custom modifications and pieces to make it all work together. The license for each component may vary. The GPLv2 license for this project is only for any custom modifications and code created for this project.

Version 1.0rc1 of the VM was released on April 4, 2012.

See the Downloads page for details and links.

For more information on the project, see the Project Summary Wiki page.

Features :-

• OWASP
• Virtual Machine
• Vulnerable Web Apps

OWASP Broken Web Applications Project Web Site>>

The Broken Web Applications Project (BWA) is an effort to provide a wealth of applications with known vulnerabilities for those interested in :-

• learning about web application security
• testing manual assessment techniques
• testing automated tools
• testing source code analysis tools
• observing web attacks
• testing WAFs and similar code technologies

all the while saving people interested in doing either learning or testing the pain of having to compile, configure, and catalog all of the things normally involved in doing this process from scratch.

For More Information visit
http://sourceforge.net/projects/owaspbwa/
https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
http://code.google.com/p/owaspbwa/ OWASP Broken Web Applications – Excelent Learning Tool