Web应用安全
[英]Web Applications Security
问题描述
嗨,有人知道其他类似Webgoat的程序来演示Web应用程序安全漏洞吗?
6 个解决方案
解决方案1
1 2010-12-13 00:10:43
There are plenty of them. 
有很多。 Some hosted, some for local installation. 一些托管,一些用于本地安装。 Some targeted more to teaching about web security, others for testing. 一些针对更多关于Web安全的教学,其他针对测试。 Fortunately some folks already made some lists: 幸运的是,有些人已经列出了一些清单:
http://slogic.net/training/vulnerable-web-applications-to-learn-web-application-testing-skills http://slogic.net/training/vulnerable-web-applications-to-learn-web-application-testing-skills
http://securitythoughts.wordpress.com/2010/03/22/vulnerable-web-applications-for-learning http://securitythoughts.wordpress.com/2010/03/22/vulnerable-web-applications-for-learning
http://www.owasp.org/index.php/Phoenix/Tools#Testing_grounds http://www.owasp.org/index.php/Phoenix/Tools#Testing_grounds
I personally would start with Google Gruyere (http://google-gruyere.appspot.com/). 我个人将从Google Gruyere(http://google-gruyere.appspot.com/)开始。
解决方案2
1 2011-07-01 00:53:52
解决方案3
0 2014-08-19 12:14:51
还可以看一下Codebashing-它们是一个基于SaaS的电子学习平台,可提供交互式应用程序安全战争游戏。
解决方案4
0 2010-10-08 14:11:01
Take a look at: 看一眼:
Acunetix WVS automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.
解决方案5
0 2016-10-31 14:43:35
http://www.dvwa.co.uk/ http://www.itsecgames.com/ https://www.owasp.org/index.php/OWASP_Bricks#tab=Main https://sourceforge.net/projects/mutillidae/
我也喜欢真正有趣的dawa和murillidae。
解决方案6
0 2010-12-08 20:17:29
The big ones I would think of would be Fortify and HP WebInspect. 我认为最重要的是Fortify和HP WebInspect。
Fortify will scan the source code and find potential vulnerabilities HP WebInspect will scan/brute force a website in production and find/report actual vulnerabilities. Fortify将扫描源代码并查找潜在漏洞HP WebInspect将在生产中扫描/强行使用网站并查找/报告实际漏洞。
Both require a fairly expensive license. 两者都需要相当昂贵的许可证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.