This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Bricks"
From OWASP
Line 6: | Line 6: | ||
* The mission is to 'break the bricks' and thus learn the various aspects of web application security.<br><br> | * The mission is to 'break the bricks' and thus learn the various aspects of web application security.<br><br> | ||
− | '''[http://sechow.com/bricks/download.html Download Bricks] | [https://www.youtube.com/OWASPBricks Watch videos] | [http://sechow.com/bricks/docs/ Documentation] | + | '''[http://sechow.com/bricks/download.html Download Bricks] | [https://www.youtube.com/OWASPBricks Watch videos] | [http://sechow.com/bricks/docs/ Documentation]<br> |
= Bricks = | = Bricks = | ||
Line 22: | Line 22: | ||
|- | |- | ||
| 2 | | 2 | ||
− | | File upload page # | + | | File upload page #1 |
| bricks/upload-1/ | | bricks/upload-1/ | ||
| [http://sechow.com/bricks/docs/file-upload-1.html Text], [http://www.youtube.com/watch?v=N6SAzEkgJ3s Video] | | [http://sechow.com/bricks/docs/file-upload-1.html Text], [http://www.youtube.com/watch?v=N6SAzEkgJ3s Video] | ||
|- | |- | ||
| 3 | | 3 | ||
− | | Content page # | + | | Content page #1 |
| bricks/content-1/ | | bricks/content-1/ | ||
| [http://sechow.com/bricks/docs/content-page-1.html Text], [http://www.youtube.com/watch?v=j5I0wPvQxTg Video] | | [http://sechow.com/bricks/docs/content-page-1.html Text], [http://www.youtube.com/watch?v=j5I0wPvQxTg Video] | ||
|- | |- | ||
|} | |} | ||
− | |||
= Road map = | = Road map = | ||
# Demonstrate maximum variations of most common vulnerabilities | # Demonstrate maximum variations of most common vulnerabilities |
Revision as of 16:53, 12 February 2013
- Bricks is a deliberately vulnerable web application built on PHP and MySQL.
- The project focuses on variations of commonly seen application security vulnerabilities and exploits.
- Each 'brick' has some sort of vulnerability which can be exploited using tools (Mantra and ZAP).
- The mission is to 'break the bricks' and thus learn the various aspects of web application security.
Download Bricks | Watch videos | Documentation
Bricks
Challenge | Page | URL | Documentations |
---|---|---|---|
1 | Log in page #1 | bricks/login-1/ | Text, Video |
2 | File upload page #1 | bricks/upload-1/ | Text, Video |
3 | Content page #1 | bricks/content-1/ | Text, Video |
Road map
- Demonstrate maximum variations of most common vulnerabilities
- Help people to learn the need of secure codding practices and SSDLC
- Attract people to design more bricks
- Become a test bed for analyzing the performance of web application security scanners.
- Help people learn the manual method of testing the applications
- Demonstrate the possibilities of various security tools and techniques
- Become a platform to teach web application security in a class room/lab environment.
Project About
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|