Guest Post By:Nikhalesh Singh

What is WebGoat?
WebGoat is a J2EE web application, created by the OWASP community to provide a teaching environment for webapplication security.
It is a deliberately insecure program, where you must go through a number of lessons. In each lesson, you learn about a new sort of vulnerability, and in the same moment get a hands-on try at exploiting that vulnerability.
Why you need webgoat ?

If you in field of hacking and security you know Web application security is difficult to learn and practice. Not many people have full blown web applications like online book stores or online banks that can be used to scan for vulnerabilities. In addition, security professionals frequently need to test tools against a platform known to be vulnerable to ensure that they perform as advertised. All of this needs to happen in a safe and legal environment. Even if your intentions are good, we believe you should never attempt to find vulnerabilities without permission.

From webgoat you can perfume attack and learn

HTTP Splitting and Cache Poisining
Bypass Client Side JavaScript Validation
Bypass a Role Based Access Control Scheme
Exploit the Forgot Password Page
Spoof an Authentication Cookie
Hijack a Session
Cross Site Scripting
Blind SQL Injection
String SQL Injection
XPATH Injection
Log Spoofing
And many more attacks

Download :Click Here To download

Video Tutorial:

For more details See here

The content of this Article "Introduction to WebGoat" is for public to know more about it and information is provided by various sources.

About Author:

Nikhalesh Singh(Security specialist,CEH,EC-Council Certified Security Analyst)
Description : He is Owner of website GuruNsb .He is having 3 year experience in field of Information Security. Currently working as independent Information security researcher.

Post a Comment

Feel Free To Ask Your Query we Love To Answer