ionut97 Posted June 29, 2012 Report Posted June 29, 2012 Mutillidae is a free, open source web application provided to allow security enthusiast to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMMP making it easy for users who do not want to install or administrate their own webserver. Mutillidae contains dozens of vulnerabilities and hints to help the user exploit them; providing an easy-to-use web hacking environment deliberately designed to be used as a hack-lab for security enthusiast, classroom labs, and vulnerability assessment tool targets.Change log : Mutillidae 2.1.20: Changed some color schemes Bug fix: The html5 key validation on the on the html5 page was too restrictive. The validator was throwing errors even when the input was ok. This validation checks for any non-alphanumeric characters and prints an error if non-alphanumeric characters are found. This error message contains the bad key the user input. Since the site fails to output encode this error message, it is possible to perform DOM injection. Add the html5-storage.php to the vulnerabilities listing.Download Mutillidae 2.1.20 Quote
