Skip to content
This repository has been archived by the owner on May 3, 2023. It is now read-only.

Latest commit

 

History

History
140 lines (121 loc) · 5.76 KB

migrated_content.md

File metadata and controls

140 lines (121 loc) · 5.76 KB
layout title tags level type
col-sidebar
OWASP Broken Web Applications
example-tag
0
tool

Main



OWASP_Inactive_Banner.jpgOWASP_Inactive_Banner.jpg

OWASP Broken Web Applications Project is a collection of vulnerable web applications that is distributed on a Virtual Machine.

Description

The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in:

  • learning about web application security
  • testing manual assessment techniques
  • testing automated tools
  • testing source code analysis tools
  • observing web attacks
  • testing WAFs and similar code technologies

All the while saving people interested in doing either learning or testing the pain of having to compile, configure, and catalog all of the things normally involved in doing this process from scratch.

This project is sponsored in part by: AppSecDC2009-Sponsor-mandiant.gif

Licensing

OWASP Broken Web Applications Project is free to use. Any custom code / modifications are GPLv2, but this does not override the license of each individual software package we incorporate. All software is open source.

Ohloh

Email List

Join the Google Group

News and Events

  • 3-Aug-2015 -- OWASP Broken Web Applications version 1.2 was released.
  • 27-Sep-2013 -- OWASP Broken Web Applications version 1.1.1 was released.
  • 30-Jul-2013 -- OWASP Broken Web Applications version 1.1 was released.
  • 25-Jul-2012 -- Chuck Willis demonstrates OWASP BWA at the Black Hat USA Arsenal.
  • 24-Jul-2012 -- OWASP Broken Web Applications version 1.0 was released.
  • 14-Jul-2012 -- OWASP Broken Web Applications version 1.0rc2 was released.
  • 4-Apr-2012 -- OWASP Broken Web Applications version 1.0rc1 was released at OWASP AppSec DC.
  • 4-Aug-2011 -- Chuck Willis demonstrates OWASP BWA at the Black Hat USA Arsenal.
  • 24-Jul-2011 -- OWASP Broken Web Applications version 0.94 was released.
  • 27-Jan-2011 -- Chuck Willis presents OWASP BWA at the DoD Cyber Crime Conference.
  • 19-Jan-2011 -- OWASP Broken Web Applications version 0.93rc1 was released.
  • 15-Nov-2010 -- OWASP Broken Web Applications version 0.92rc2 was released.
  • 10-Nov-2010 -- OWASP Broken Web Applications version 0.92rc1 was released.
  • 10-Nov-2010 -- Chuck Willis presents OWASP BWA at OWASP AppSec DC.
  • 24-Mar-2010 -- OWASP Broken Web Applications version 0.91rc1 was released.
  • 5-Feb-2010 -- Doug Wilson presents on OWASP BWA at ShmooCon in Washington DC at 6 PM
  • 31-Jan-2010 -- We are now an "official" OWASP project, just in time for ShmooCon!
  • 27-Jan-2010 -- Chuck Willis presents BWA at the DoD Cybercrime conference

In Print

What is Broken Web Applications Project?

OWASP Broken Web Applications Project provides:

OWASP Broken Web Applications Project provides:

    • A collection of purposefully vulnerable applications to safely practice penetration testing.
    • A collection of purposefully vulnerable applications to safely practice penetration testing.
    • A selection of tools for testing web applications.
    • A selection of tools for testing web applications.

Presentation

Presentation

View

View

Project Leader

Project Leader

Chuck Willis

Chuck Willis

Ohloh

FAQs

  • Q1 (to be completed) A1 (to be completed)
  • Q2 (to be completed) A2 (to be completed)

Acknowledgements

Volunteers

OWASP Broken Web Applications Project is developed by a worldwide team of volunteers. The primary contributors to date have been:

Others

  • (to be completed)
  • xxx

Road Map and Getting Involved

(to be completed)

Project About

NOTOC

Category:OWASP Project Category:OWASP_Builders Category:OWASP_Defenders Category:OWASP_Document