23 октября 2008

OWASP WebGoat Project

OWASP WebGoat Project

WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application is a realistic teaching environment, providing users with hints and code to further explain the lesson.

Комментариев нет:

Архив блога

What to do?

you have site designed in a dark theme, saying dark background, white font.
By default google toolbar autocomplete cracks html for inputs or selects containg "email" "name" "address" and other buzzwords and changes background to yellow. As a result when visitor fills form, he enters text as white on yellow and can not easy validate his input
What to do?



item http://www.voronenko.com/2008/10/owasp-webgoat-project.html