This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Broken Web Applications Project"
From OWASP
Chuck Willis (talk | contribs) |
|||
| Line 1: | Line 1: | ||
| − | + | =Main= | |
| + | <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div> | ||
| + | |||
| + | {| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |- | ||
| + | | valign="top" style="border-right: 1px dotted gray;padding-right:25px;" | | ||
| + | |||
| + | ==OWASP Broken Web Applications Project== | ||
| + | |||
| + | OWASP Broken Web Applications Project is... | ||
| + | |||
| + | ==Introduction== | ||
| + | |||
| + | |||
| + | A collection of vulnerable web applications that is distributed on a Virtual Machine. | ||
| + | |||
| + | |||
| + | ==Description== | ||
The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: | The Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: | ||
| − | |||
*learning about web application security | *learning about web application security | ||
*testing manual assessment techniques | *testing manual assessment techniques | ||
| Line 10: | Line 25: | ||
*testing WAFs and similar code technologies | *testing WAFs and similar code technologies | ||
| − | + | All the while saving people interested in doing either learning or testing the pain of having to compile, configure, and catalog all of the things normally involved in doing this process from scratch. | |
| − | normally involved in doing this process from scratch. | + | |
| + | This project is sponsored in part by: [[Image:AppSecDC2009-Sponsor-mandiant.gif|link=http://www.mandiant.com/]] | ||
| + | |||
| + | ==Licensing== | ||
| + | OWASP Broken Web Applications Project is free to use. Any custom code / modifications are GPLv2, but this does not override the license of each individual software package we incorporate. All software is open source. | ||
| + | |||
| + | |||
| + | | valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" | | ||
| + | |||
| + | == What is Broken Web Applications Project? == | ||
| + | |||
| + | OWASP Broken Web Applications Project provides: | ||
| + | |||
| + | * xxx | ||
| + | * xxx | ||
| + | |||
| + | |||
| + | == Presentation == | ||
| + | |||
| + | [http://www.owasp.org/images/f/f0/Learning_by_Breaking_A_New_Project_Insecure_Web_Apps-Chuck_Willis.ppt View] | ||
| + | |||
| + | == Project Leader == | ||
| + | |||
| + | [mailto:[email protected] Chuck Willis] | ||
| + | |||
| − | + | == Related Projects == | |
| − | |||
| − | + | == Ohloh == | |
| − | |||
| − | == | + | | valign="top" style="padding-left:25px;width:200px;" | |
| − | + | == Quick Download == | |
| − | + | *[http://sourceforge.net/projects/owaspbwa/files/ Download the latest release] | |
| + | *[https://code.google.com/p/owaspbwa/ Google Code Source Repository] | ||
| + | *[https://twitter.com/owaspbwa Twitter Feed] | ||
| − | + | == Email List == | |
| − | + | [https://groups.google.com/forum/#!forum/owaspbwa Join the Google Group] | |
| − | 14-Jul-2012 -- OWASP Broken Web Applications version 1.0rc2 was released. | + | == News and Events == |
| + | *27-Sep-2013 -- OWASP Broken Web Applications version 1.1.1 was released. | ||
| + | *30-Jul-2013 -- OWASP Broken Web Applications version 1.1 was released. | ||
| + | *25-Jul-2012 -- Chuck Willis demonstrates OWASP BWA at the Black Hat USA Arsenal. | ||
| + | *24-Jul-2012 -- OWASP Broken Web Applications version 1.0 was released. | ||
| + | *14-Jul-2012 -- OWASP Broken Web Applications version 1.0rc2 was released. | ||
| + | *4-Apr-2012 -- OWASP Broken Web Applications version 1.0rc1 was released at OWASP AppSec DC. | ||
| + | *4-Aug-2011 -- Chuck Willis demonstrates OWASP BWA at the Black Hat USA Arsenal. | ||
| + | *24-Jul-2011 -- OWASP Broken Web Applications version 0.94 was released. | ||
| + | *27-Jan-2011 -- Chuck Willis presents OWASP BWA at the DoD Cyber Crime Conference. | ||
| + | *19-Jan-2011 -- OWASP Broken Web Applications version 0.93rc1 was released. | ||
| + | *15-Nov-2010 -- OWASP Broken Web Applications version 0.92rc2 was released. | ||
| + | *10-Nov-2010 -- OWASP Broken Web Applications version 0.92rc1 was released. | ||
| + | *10-Nov-2010 -- Chuck Willis presents OWASP BWA at OWASP AppSec DC. | ||
| + | *24-Mar-2010 -- OWASP Broken Web Applications version 0.91rc1 was released. | ||
| + | *5-Feb-2010 -- Doug Wilson presents on OWASP BWA at ShmooCon in Washington DC at 6 PM | ||
| + | *31-Jan-2010 -- We are now an "official" OWASP project, just in time for ShmooCon! | ||
| + | *27-Jan-2010 -- Chuck Willis presents BWA at the DoD Cybercrime conference | ||
| − | + | == In Print == | |
| − | |||
| − | |||
| − | + | ==Classifications== | |
| − | + | {| width="200" cellpadding="2" | |
| + | |- | ||
| + | | align="center" valign="top" width="50%" rowspan="2"| [[File:Midlevel projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]] | ||
| + | | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]] | ||
| + | |- | ||
| + | | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]] | ||
| + | |- | ||
| + | | colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]] | ||
| + | |- | ||
| + | | colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]] | ||
| + | |} | ||
| − | + | |} | |
| − | + | =FAQs= | |
| − | + | ; Q1 | |
| + | : A1 | ||
| − | + | ; Q2 | |
| + | : A2 | ||
| − | + | = Acknowledgements = | |
| + | ==Volunteers== | ||
| + | OWASP Broken Web Applications Project is developed by a worldwide team of volunteers. The primary contributors to date have been: | ||
| − | + | * [mailto:[email protected] Doug Wilson] | |
| + | ==Others== | ||
| + | * xxx | ||
| + | * xxx | ||
| − | + | = Road Map and Getting Involved = | |
| + | As of July, the priorities are: | ||
| + | * In July 2011, we released version 0.94 as the first "real" release (not a release candidate). | ||
| + | *We plan to have a 1.0 release at the OWASP North America conference in September 2011. | ||
| + | *After the 1.0 release, we plan to focus on gathering information about vulnerabilities in the 1.0 VM. | ||
| + | Involvement in the development and promotion of OWASP Broken Web Applications Project is actively encouraged! | ||
| + | You do not have to be a security expert in order to contribute. | ||
| + | Some of the ways you can help: | ||
| + | * xxx | ||
| + | * xxx | ||
| − | |||
| − | |||
| + | =Project About= | ||
| + | {{:GPC_Project_Details/OWASP BWA Project | OWASP Project Identification Tab}} | ||
| − | __NOTOC__ <headertabs /> | + | __NOTOC__ <headertabs /> |
| − | [[Category: | + | [[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]] |
Revision as of 19:47, 16 July 2014
OWASP Broken Web Applications ProjectOWASP Broken Web Applications Project is... IntroductionA collection of vulnerable web applications that is distributed on a Virtual Machine.
DescriptionThe Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in:
All the while saving people interested in doing either learning or testing the pain of having to compile, configure, and catalog all of the things normally involved in doing this process from scratch. This project is sponsored in part by: LicensingOWASP Broken Web Applications Project is free to use. Any custom code / modifications are GPLv2, but this does not override the license of each individual software package we incorporate. All software is open source.
|
What is Broken Web Applications Project?OWASP Broken Web Applications Project provides:
PresentationProject Leader
Related ProjectsOhloh |
Quick DownloadEmail ListNews and Events
In PrintClassifications
| |||||||
- Q1
- A1
- Q2
- A2
Volunteers
OWASP Broken Web Applications Project is developed by a worldwide team of volunteers. The primary contributors to date have been:
Others
- xxx
- xxx
As of July, the priorities are:
- In July 2011, we released version 0.94 as the first "real" release (not a release candidate).
- We plan to have a 1.0 release at the OWASP North America conference in September 2011.
- After the 1.0 release, we plan to focus on gathering information about vulnerabilities in the 1.0 VM.
Involvement in the development and promotion of OWASP Broken Web Applications Project is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:
- xxx
- xxx
| PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What does this OWASP project release offer you? | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| ||||||||||||||||||||||
