I was bored and started to browse some of Google Labs’ new features and services. Before I could get far, a title caught my eye; it was the first listing on the Google Labs page. The title was “Web Application Exploits and Defenses”. What is this? This interesting Google Code University project reminds me of OWASP’s WebGoat project. The difference is that the web application is hosted remotely, not locally. After further investigation I found out some very interesting features. The application, called “Jarlsberg /yärlz’·bərg/”, is the vulnerable web application, and once a user sets up their application, it runs in a separate sandboxed instance specifically for that user. This means there is no contending with others, you can work at your own pace, and overall you have your very own remote instance of a vulnerable web application. How fun =)
Additionally, the project has labs for a user to go through and learn various web application penetration testing techniques. It also includes labs for black-box testing as well as white-box testing, which according to the project’s documentation reviews a lot of the source code of the vulnerable web application to look for vulnerabilities. The labs take a user through each exploit and also document how to fix the issue in the vulnerable web application.
Overall, I believe this is a very nice project from what I have read so far. I can’t wait to get my hands dirty and dig in to have some fun with this vulnerable application. Let’s have some fun, learn some new stuff, and break some things while we are at it =)
Link to the Web Application Exploits and Defenses Project Listed Below:
Google Lab Description
http://jarlsberg.appspot.com/