Xiaopei's DokuWiki
These are the good times in your life,
so put on a smile and it'll be alright
User Tools
Sidebar
it:secure:owasp
OWASP
The Open Web Application Security Project
WebScarab
WebScarab is a web security application testing tool. It serves as a proxy intercepting web browser web requests and web server replies.
WebGoat
目标
我们希望通过 WebGoat 帮助测试人员掌握以下技能:
- 理解web应用程序中的各种高级交互过程
- 确定出有助于发动攻击的客户端可见数据
- 识别和理解能将应用程序暴露在攻击之下的数据和用户交互
- 对这些交互进行测试,并暴露出它们的漏洞
- 攻击应用程序以演示和利用服务器的弱点
安装和运行
- 下载 WebGoat-OWASP_Standard-x.x.zip
- 解压
- 安装 jdk
- sudo sh webgoat.sh start8080
- 用户名/密码: guest/guest
- sudo sh webgoat.sh stop
hack
refs
it/secure/owasp.txt · Last modified: 2013/08/19 07:22 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
