Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

MasterBugs Released

from [Gerald Quakenbush] Network Security [Permanent Link]
Subject: MasterBugs Released
Date: Wed, 17 May 2006 08:44:23 -0400 
MasterBugs is a GNU-licensed application that is written in legacy ASP scripts
with a Microsoft SQL Server backend. I developed it for use in a appsec
training program that I do and recently got enough of it re-written so it can
be open-sourced.

It is similar in purpose to WebGoat and Hacme Bank. Originally, the program
was a proof-of-concept program for a project that never grew legs. That
original version was written back in 96 and used some concepts similar to
AJAX. These concepts bring about some interesting security issues all their
own.

Here's the site:
http://www.quakenbush.com

At this point, I haven't published a list of vulnerabilities in the
application, so if you try it out, keep track of all the issues you find and
when I get the list put together you will have something to compare it to.

Thanks,

-Gerald

---------------------------------------
Gerald Quakenbush
Author of Web Hacker Boot Camp
http://www.quakenbush.com


-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire named worldwide market share leader in web application security 
assessment by leading market research firm. Watchfire's AppScan is the 
industry's first and leading web application security testing suite, and 
the only solution to provide comprehensive remediation tasks at every 
level of the application. See for yourself. 
Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007t9c
--------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • MasterBugs Released, Gerald Quakenbush <=
Previous by Date:  Re: Comparison report on web app security scanners, Eoin
Next by Date:  Denim Group Releases Sprajax, an Open Source Security Scanner for AJAX, bugtraq
Previous by Thread:  Paros 3.2.12 Release, contact
Next by Thread:  Denim Group Releases Sprajax, an Open Source Security Scanner for AJAX, bugtraq
Indexes:  [Date] [Thread] [Top] [All Lists]