From: bill (bill@owasp.org)
Date: Fri Feb 14 2003 - 12:38:55 EST
Dear All
OWASP is pleased to announce the release of WebGoat V2
The project homepage is http://www.owasp.org/webgoat/ and you can obtain
the release files from http://sourceforge.net/projects/owasp/
WebGoat is a real web application written in Java with intentional vulnerabilities. It is designed as an interactive learning environment and test application with individual lessons such as SQL injection and Cross Site Scripting that allow the user to have actual hands on experience, in a safe and controlled environment (your own).
>
The Windows and Unix setup files (self executing jar files) install and configure Tomcat for you if its not already configured.
You can also download the source and war file options.
To help there is a documented user guide in pdf.
These are all available from the sourceforge site
https://sourceforge.net/project/showfiles.php?group_id=64424
Creating a new lesson is easy; you need to implement one interface. If you write a new lesson please submit it to the project mailing list owasp-webgoat@lists.sourceforge.net for inclusion in the release builds.
>
We will be releasing an update in the coming months to include lessons for all of the OWASP Top Ten.
>
As ever we are looking for more volunteers to help on the project especially for release V3 near the end of the year. This will include many new features. If you are a Java developer and have a few hours a week, please join the mailing list and introduce yourself.
>
This project would not be possible without the development skills of Bruce Mayhew of Aspect Security (bruce.mayhew@aspectsecurity.com) and the support of the OWASP Chairman Mark Curphey. Thanks.
Enjoy!
Bill Hau (bill@owasp.org)
And remember =93blame it on the Goat=94
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:28 EDT