Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Hacme Casino v1.0

from [alex.smolen] Network Security [Permanent Link]
Subject: Hacme Casino v1.0
Date: Thu, 24 Aug 2006 17:15:07 -0700 
Announcing the new addition to the Hacme, Inc. series of Foundstone free
tools, Hacme Casino!

Hacme Casino is an online casino, built with Ruby on Rails, with plenty
of AJAX functionality. It has security vulnerabilities "baked-in", and
is meant to help educate developers and testers about web application
security in the context of new technologies.

If you are interested in the security aspects Ruby on Rails and AJAX,
give Hacme Casino a try. It's a completely self-contained Ruby WEBrick
server and Rails application in a simple exe.

Vulnerabilities:
        Blind SQL Injection
        Cross-Site Request Forgery
        Improper Session Management
        Good, old fashioned cheating!

Features:
Multiple Users (Login and Register)
Blackjack
Video Poker
Roulette (Coming Soon!)

http://www.foundstone.com/resources/proddesc/hacmecasino.htm
        
So go ahead, try your luck, see if you can break the bank at Hacme
Casino!

Alex Smolen
Hacme Casino Author
Consultant, Foundstone Professional Services


-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. See for yourself. 
Download a Free Trial of AppScan today!

https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnG
--------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Hacme Casino v1.0, alex.smolen <=
Previous by Date:  RE: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners, Joseph Peloquin
Next by Date:  Cookie poisoning without XSS, Smith Norton
Previous by Thread:  Problem about detecting "SMTP command injection", i.e. cr lf chars in web forms, Maxime Ducharme
Next by Thread:  Cookie poisoning without XSS, Smith Norton
Indexes:  [Date] [Thread] [Top] [All Lists]