It's called "WebGoat" it allows you to legal pentesting. Such as XSS, SQL injection and other various types of web attacks. It's simple to install and use:
First Go to and download - http://sourceforge.net/project/showfiles...p_id=64424
Now once you have it downloaded extract the file to your desktop.
Open up the file and double click the bat file named webgoat.bat
Allow it to start and keep it running (dont close down the BAT file or the pentesting will stop on localhost)
Now once it's open go to your webbrowser go to:
http://localhost/WebGoat/attack
Or
http://localhost./WebGoat/attack
and enter the username "guest" and the password "guest"
Now enter the site and look around you have various lessons (Attacks) you also get solutions and tips on how to solve the actual attack.
Or you can watch some webgoat video tutorials here:
http://yehg.org/lab/pr0js/training/webgoat.php
As it was for application legal pentesting. I posted that applications,
but, we should be concern one thing out here, by using this kind of
application we are little restricted, but still usefull to understand
things litter better. I would like to post few links, actully few
web-sites which allows you to penetrate there web-site, that means you
can try all your hacking skill out there, all legal :]
If you want to improve your skills please try breaking into this web-sites all legal.
http://www.hackthissite.org/ --> [ I am one of the old memeber of this website, but not much active for more then 2 years soo.. ]
http://www.hellboundhackers.org/
http://ha.ckers.org/challenge/
http://ha.ckers.org/challenge2/
http://scanme.nmap.org/
http://roothack.org/
http://hackme.ntobjectives.com/
http://wocares.com/xsstester.php
http://www.hackertest.net/
And plenty more, I care remember.
Have fun!!
0 comments:
Post a Comment