Re: [SC-L] Seeking vulnerable server-side scripts

2009-05-06 Thread security curmudgeon
: There are several applications designed specifically for this:
:
: Mutillidae
: http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
:
: Foundstone's Hacme Bank and Hacme Travel
: http://www.foundstone.com/us/resources-free-tools.asp
:
: WebGoat
:

Re: [SC-L] Seeking vulnerable server-side scripts

2009-05-06 Thread security curmudgeon
Hi Jeremy,
: I'm experimenting (on paper initially) with a technique for improving
: resiliency of web applications, and to do so am looking for examples
: of server side scripts (PHP, Perl, whatever) that have security
: vulnerabilities, to see if the technique would work. If you have
: If

Re: [SC-L] COBOL Exploits

2007-11-02 Thread security curmudgeon
Hi Mark,
: The adolescent minds that engage in exploits wouldn't know COBOL if a
: printout fell out a window and onto their heads. I'm sure you can write
: COBOL programs that crash, but it must be hard to make them take control
: of the operating system. COBOL programs are heavy into unit

Re: [SC-L] Economics of Software Vulnerabilities

2007-03-23 Thread security curmudgeon
On Wed, 21 Mar 2007, Steven M. Christey wrote:
: With rare exceptions, in general, I do not find that the
: open source community is that much more security conscious
: than those producing closed source. Certainly this seems true
: if measured in terms of vulnerabilities and we measure