Vulnerable XXE VM now part of Vicnum
107 views
Skip to first unread message
Mordecai Kraushar
Mar 10, 2015, 11:59:48 AM3/10/15
to owasp-...@lists.owasp.org, owas...@googlegroups.com, Nicole Becher, Ivan Buetler
All;
The OWASP Vicnum Project https://www.owasp.org/index.php/Category:OWASP_Vicnum_Project has been updated to include a vulnerable XXE VM at http://xxe.sourceforge.net/
This VM was used in recent CTF events including the Breaking Bad challenge event at APPSEC in NY in late 2013.
As will other vulnerable or broken apps the basic goal of the project is to:
- Test web application scanners
- Test manual attack techniques
- Test source code analysis tools
- Look at the code that allows the vulnerabilities
- Test web application firewalls
- Have a little fun.
Thanks much to Nicole Becher for all of this.
Mordecai Kraushar
Reply all
Reply to author
Forward
0 new messages