Thursday, April 28, 2011

OWASP ZAP Web Application Vulnerability Examples v0.2

The OWASP Zed Attack Proxy - Web Application Vulnerability Examples (WAVE) are a set of pages which exhibit known vulnerabilities.
The vulnerabilities included are only those that can (or should be) detectable via automated scanners.They have been developed to test OWASP ZAP but can be used for any other legitimate purpose.The zip file just contains the file zap-wave.war - put this in the webapps directory of your favorite servlet engine.The file is zipped just so that the version number can be easily changed!
Changes since previous version - added XSS in form with an anti CSRF token.


No comments: