I have just uploaded Release Candidate 1 for the OWASP BWA VM version 1.2 to SourceForge. There are no huge changes in this (long overdue) release, but a few applications have been added and at least a few have been updated. Below are the release notes:
- Updated Mutillidae and WAVSEP
  - Removed IP address restrictions on Mutillidae
  - Added script to rebuild WAVSEP
- Added bWAPP application and script to automatically update bWAPP
- Added OWASP Security Shepherd application and supporting scripts.
- Likely other application updates
Here are the vital stats on the VM archive:
Filename: OWASP_Broken_Web_Apps_VM_1.2rc1.zip, Size: ~2.4Gb, MD5: f4271ac7d051846beff36bca32090902
This is a Release Candidate, so please report any bugs that you find to the issue tracker on Google Code at https://code.google.com/p/owaspbwa/issues/list or to me via email. We greatly appreciate any feedback that you can provide.
There is only one known issue with this version of the VM: the OWASP Railsgoat application is old and has not been updated. The newer versions of that application use an updated version of Ruby and other associated tools. I tried to integrate the new version onto the VM, but unfortunately was never able to get it running properly. At least one other application on the VM also uses Ruby, so I also want to ensure that updating Railsgoat does not break other applications. If anyone would like to volunteer some Rails experience in getting this sorted out, I'd greatly appreciate it.
My intention is to have this Release Candidate out for a couple of weeks and let people "kick the tires" on it. The full release of version 1.2 will probably happen in mid or late July.
Chuck