Home of the developement for OWASP WTE - the Web Testing Environment, a collection of pre-packaged Linux AppSec tools, apps and documentation used to create pre-configured VMs or installed ala carte in the Linux of your choice..
HTML JavaScript Python Java CSS Perl Other
Failed to load latest commit information.
burpsuite Minor update to build scripts for previous packages Apr 26, 2015
cal9000 Minor update to build scripts for previous packages Apr 26, 2015
dirbuster Minor update to build scripts for previous packages Apr 26, 2015
docs Clean up some typos in the package conversion doc May 7, 2015
ende Adding EnDe package after completing conversion Apr 26, 2015
fierce Adding Fierce Domain Scan after completing conversion Apr 26, 2015
firefox Adding 'Firefox WTE-style' after completing conversion May 7, 2015
fuzzdb Added fuzzdb after completing conversion Apr 26, 2015
grendel-scan Added Grendel-Scan after completing conversion Apr 26, 2015
gruyere Added Gruyere vulnerable app after completing conversion Apr 26, 2015
httprint Added httprint after completing conversion Apr 27, 2015
jbrofuzz Addded jbrofuzz after completing conversion Apr 29, 2015
jerry-curl Created a package for jerry-curl May 5, 2015
jq Added i386 versions of jq - which I had missed May 7, 2015
mini-rest Added new package: mini-rest - a simple REST API example May 19, 2015
netcat Minor fix: Forgot README.md for netcat package Apr 29, 2015
nikto Added nikto after completing conversion Apr 29, 2015
nmap Adding nmap after completing conversion Apr 29, 2015
notes Added example scripts used for API testing May 20, 2015
paros Added Paros Proxy after completing conversion Apr 30, 2015
ratproxy Adding ratproxy aftter completing conversion Apr 30, 2015
scripts Added a check that FPM is installed in build library May 4, 2015
skipfish Adding skipfish after completing conversion Apr 30, 2015
spikeproxy Adding spikeproxy after completing conversion May 2, 2015
sqlbrute Added sqlbrute after completing conversion May 2, 2015
sqlmap Added sqlmap after completing conversion and updating to latest version May 5, 2015
tcpdump Adding tcpdump after completing conversion May 2, 2015
w3af Added README.md for w3af May 3, 2015
wapiti Added wapiti after completing conversion May 3, 2015
webgoat Added a readme to WebGoat's package directory explaining why no packa… May 4, 2015
webscarab Added WebScarab after completing conversion May 3, 2015
webslayer Added Webslayer after completing conversion May 3, 2015
wireshark Added wireshark after completing conversion May 3, 2015
wpscan Added wpscan after completing conversion May 3, 2015
wsfuzzer Added wsfuzzer after completing conversion May 3, 2015
wte-docs Added WTE Documentation package after completing conversion and updat… May 4, 2015
zap Added OWASP Zap after completing conversion and updating to 2.4.0 May 3, 2015
.gitignore Adding a .gitignore to handle when package .deb or .rpm files are too… May 4, 2015
README.md Converted README from asciidoc to markdown and added some real content May 14, 2015

README.md

OWASP WTE - Web Testing Environment

aka We Test Everything

TLDL install instructions for the impatient - just 3 easy steps:

$ sudo echo "deb http://appseclive.org/apt/14.04 trusty main" > /etc/apt/sources.list.d/owasp-wte.list
$ wget -q -O - http://appseclive.org/apt/owasp-wte.gpg.key | apt-key add -
$ apt-get update && apt-get -y install owasp-wte-*

So what is OWASP WTE anyway?

OWASP WTE is primarily a bunch of easy to install AppSec tools, apps and documentation. Currently, there's a ready-to-use Debian/Ubuntu repository of .deb packages and some very beta RPMs (not tested as of 2015-05-13). You can either install these packages ala carte on a Linux system of your choice or download an OWASP WTE VM which bundles all the packages together with some extra bling in a turn-key VM. VMs are provided in VirtualBox (.vdi), VMware (.vmdk) and Open Virtual Appliance (.ova) formats compressed with 7zip. VMs can be downloaded from here - Don't forget to check the SHA sums

A .deb repository of i386 and amd64 packages which were targeted at Ubuntu 14.04 LTS though they should also work on other Debian-based Linux systems like Debian, Linux Mint, Xubuntu, Ubuntu Gnome, Kubuntu, Lubuntu, ...

The current package provided by OWASP WTE are:

owasp-wte-burpsuite 1.6-00
owasp-wte-cal9000 2.0-00
owasp-wte-dirbuster 1.0-RC1-00
owasp-wte-ende 1.0RC12-00
owasp-wte-fierce 0.9.11-Beta04162015-00
owasp-wte-firefox 37.0.2-00
owasp-wte-fuzzdb 2015-04-26-svn-00
owasp-wte-grendel-scan 1.0-00
owasp-wte-gruyere 1.0-00
owasp-wte-httprint 301-00
owasp-wte-jbrofuzz 2.5-00
owasp-wte-jerry-curl 1.1-00
owasp-wte-jq 1.4-00
owasp-wte-netcat 1.10-00
owasp-wte-nikto 2.1.5-00
owasp-wte-nmap 6.40-00
owasp-wte-paros 3.2.13-00
owasp-wte-ratproxy 1.58-00
owasp-wte-skipfish 2.10-00
owasp-wte-spikeproxy 1.4.8-00
owasp-wte-sqlbrute 1.0-00
owasp-wte-sqlmap 0-git-5ee7fd785a-00
owasp-wte-tcpdump 4.5.1-00
owasp-wte-w3af 1.1svn5547-00
owasp-wte-wapiti 2.3.0-00
owasp-wte-webgoat 6.0.1-00
owasp-wte-webscarab 20090122-00
owasp-wte-webslayer 0-svn-r5-00
owasp-wte-wireshark 1.10.6-00
owasp-wte-wpscan 0-git-22550ea55-00
owasp-wte-wsfuzzer 1.9.5-00
owasp-wte-wte-docs 20150503-00
owasp-wte-zap 2.4.0-00

Other References