This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

ESAPI Swingset

From OWASP
Jump to: navigation, search


OWASP Inactive Banner.jpg

Main

The ESAPI Swingset is a web application which demonstrates the many uses of the Enterprise Security API (ESAPI).

Download/Run

ESAPI Swingset INTERACTIVE

The ESAPI Swingset INTERACTIVE is a web application which demonstrates common security vulnerabilities and asks users to secure the application against these vulnerabilities using the ESAPI library. The application is intended for Java Developers. The goal of the application is to teach developers about the functionality of the ESAPI library and give users a practical understanding of how it can be used to protect web applications against common security vulnerabilities.

  • All ESAPI Swingset INTERACTIVE downloads are hosted on the Google Code site. You can find the latest downloads for the project here.

How Can I help with Swingset

The ESAPI Swingset is still in an early beta stage. Many pages within Swingset are still incomplete, and we could certainly use some help getting them finished. If you are interested in helping, please see this page for instructions on how to download and build the latest SVN version of the Swingset.

If you have any ideas for how the ESAPI Swingset could be better, or if you would like to submit new code, please contact any of the project leaders.

Project Sponsors

The OWASP ESAPI project is sponsored by Aspect_logo.gif

The OWASP ESAPI Swingset Interactive project is sponsored by Cycubix2_small.png

Project About - Swingset Interactive

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP ESAPI Swingset Interactive Project (home page)
Purpose:
  • This a web application which demonstrates common security vulnerabilities and asks users to secure the application against these vulnerabilities using the ESAPI library.
  • The application is intended for Java Developers. The goal of the application is to teach developers about the functionality of the ESAPI library and give users a practical understanding of how it can be used to protect web applications against common security vulnerabilities.
License: BSD license
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
current release
ESAPI Swingset Interactive - July, 2nd 2010 - (download)
Release description:
  • This is a customised version of the OWASP SwingSet Application.
  • In addition to demonstrating the features of the ESAPI library, we felt it would be useful for developers to work out labs where they are presented with common security vulnerabilities and use ESAPI resolve the issues. We tried to cover as many of the OWASP Top 10 as possible in the labs and changed the grouping of the chapters to map to ASVS verification requirements. We were conscious of the fact that the OWASP Web Goat application already demonstrates the OWASP Top 10 vulnerabilities, but felt that this version of SwingSet could offer developers a chance to learn how to code to prevent these vulnerabilities while using ESAPI.
  • Would be very interested to hear any feedback.
Rating: Yellow button.JPG Not Reviewed - Assessment Details
last reviewed release
Not Yet Reviewed


other releases