Fi8sVrs

bWAPP - a buggy web application !


bWAPP, or a buggy web application, is a free and open source web application built to allow security enthusiasts, students and developers to better secure web applications. bWAPP prepares you to conduct successful penetration testing and ethical hacking projects. It is for educational purposes only.

bWAPP contains all vulnerabilities from the OWASP Top 10 project. The OWASP Top 10 provides an accurate snapshot of the current threat landscape in application security and reflects the collaborative efforts and insights of thousands of accomplished security engineers. To reflect the ongoing changes in technology and common online business practices, the list is periodically updated.

You can download bWAPP from here. Have fun!

We also offer a 2-day comprehensive web security course 'Attacking and Defending Web Applications with bWAPP'. This course can be scheduled on demand, at your location!


bWAPP includes:

  • injection vulnerabilities like SQL, XML/XPath, HTML, command and mail injections.
  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • malicious file uploads
  • authentication, authorization and session management issues
  • directory traversal
  • local and remote file inclusions
  • information disclosures
  • configuration issues
  • HTTP response splitting
  • SSL issues
  • Man-in-the-Middle attacks
  • parameter modifications
  • and much more...

Upcoming bugs: AJAX, JSON, Web Services, Clickjacking.


bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux and Windows using Apache/IIS and MySQL. It can also be installed with WAMP or XAMPP.

It's also possible to download our bee-box, a custom Linux VMware virtual machine pre-installed with bWAPP.

This project is part of the ITSEC GAMES project. You can find more about bWAPP on this blog very soon. We will cover the installation procedure and most of the web application issues/bugs.

