Broken Web Applications VM Version 0.9 Released

Written by Chuck Willis

As I mentioned in my previous post, I have been working on creating a Linux Virtual Machine containing a variety of vulnerable web applications. Just in time for the OWASP AppSec DC Conference, version 0.9 of the VM has been released!

You can find details about the VM on the project summary page on Google Code. You can also get the VM via the downloads page.

The VM is still a work in progress. I would like to add additional applications, especially those that use different application frameworks, but the applications that are there should work. I really hope that some people at the conference will get excited about the project and contribute some additional content that can be included on the 1.0 release.

If you would like to contribute some effort or a vulnerable application or just have some comments / criticism, I’d love to hear from you at chuck.willis (at) mandiant (dot) com.

I will be speaking about this project at the OWASP AppSec DC Conference. I hope to see you there!

Chuck

Tags: OWASP, VM, Web Application

Leave a Reply

You must be logged in to post a comment.

Recent Posts

• Combat the APT by Sharing Indicators of Compromise
• DOD Cyber Crime: New Audit Viewer/Memoryze
• M-Trends: Advanced Persistent Threat Malware
• M-Trends: The Advance of the Persistent Threat
• MANDIANT in Miami at the SCADA Security Scientific Symposium

Follow us on Twitter

• Mandiant: MANDIANT People #FF Correction it is @wendilou2
• Mandiant: MANDIANT People #ff Cont @sroberts
• Mandiant: MANDIANT People #FF @petersilberman @nickharbour @robtlee @0x73davis @wendilou @coryaltheide

MANDIANT News

• Whitelist or Trustlist?: Should There be an Industry Software Whitelist?
• The Changing Face of Cybercrime
• Fresh Prints Webinar Series
• Loose Lips Sink Networks - Is Social Networking Making Your Network Insecure?