[SC-L] Seeking vulnerable server-side scripts

2009-05-06 Thread Jeremy Epstein
Greetings, I'm experimenting (on paper initially) with a technique for improving resiliency of web applications, and to do so am looking for examples of server side scripts (PHP, Perl, whatever) that have security vulnerabilities, to see if the technique would work. If you have scripts you'd be

Re: [SC-L] Seeking vulnerable server-side scripts

2009-05-06 Thread security curmudgeon
: There are several applications designed specifically for this:
:
: Mutillidae
: http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
:
: Foundstone's Hacme Bank and Hacme Travel
: http://www.foundstone.com/us/resources-free-tools.asp
:
: WebGoat
:

Re: [SC-L] Seeking vulnerable server-side scripts

2009-05-06 Thread security curmudgeon
Hi Jeremy,

: I'm experimenting (on paper initially) with a technique for improving
: resiliency of web applications, and to do so am looking for examples
: of server side scripts (PHP, Perl, whatever) that have security
: vulnerabilities, to see if the technique would work. If you have
: If

Re: [SC-L] Seeking vulnerable server-side scripts

2009-05-06 Thread Steven M. Christey
Jeremy, CVE is littered with these kinds of issues, for PHP especially. The scripts are often open source, fully-functional packages that just happen to have lots of security issues. Sometimes the root cause is buried fairly deep in the code, but the people who find these bugs often care only