OWASP WebGoat
@OWASP_WebGoat
Followers
269
Following
6
Media
2
Statuses
26
Official account of the original #OWASP WebGoat ... a purposely vulnerable J2EE app & training platform to help improve #AppSec
Joined January 2017
Nice to see ActiveScan++ detecting this vulnerability. We have a lesson that demonstrates precisely this attack. Try out our XXE lessons...
Would you expect burp suite to flag this as XXE when all that was required was changing the Content-Type to application/xml and supplying an XXE in the POST POST /endpoint Content-Type: application/json {"lol":"lol"}
2
0
0
WebGOAT - I have just completed this room! Check it out: https://t.co/uYJoVbuPEc
#tryhackme #webgoat #testing #webapp #owasp #webgoat via @realtryhackme
tryhackme.com
Simple testing room for beating on WebGOAT
0
1
1
Have been slow to check or send out updates. Finally logging in, happy to see this sort of notification.
I had never understood DOM based XSS this well ever before. This resource is giving me a lot of new info and i can feel my concepts becoming clearer. Thanks @OWASP_WebGoat . #appsec #security #xss #dom
0
2
2
Today we will host a security workshop with WebGoat at #DevoxxPL for all the participants please follow the instructions on https://t.co/nq3rSYfFfe in order to get everything up and running
github.com
Contribute to nbaars/devoxx-pl development by creating an account on GitHub.
0
0
1
Giving a WebGoat workshop at DevOpsCon (@devops_con) with special thanks to @jdriven_nl for letting us host it on a powerful VM instance on Google Cloud
0
1
0
Tomorrow @OWASP_WebGoat will be present at @BSidesAMS with a couple of new challenges in our CTF event.
0
2
5
Had some fun at AppSecEU with @owasp_juiceshop ...
Meet #A7, the friendly @owasp troll in the member lounge at @appseceu! (©ollaborative naming idea of @owasp_webgoat and @owasp_juiceshop)
0
2
2
Hey @EhernandezEvin ... can we get a hand? (in OWASP Lounge), or ping us on the OWASP slack cc @misfir3
0
0
0
Sorry ... we'll post something about WebGoat 8 progress before too long. In the meantime ...
0
1
0
Been quiet on twitter here for a little, but we're still plugging away on version 8 of WebGoat. Hope to be out at @AppSecEU in Belfast!
0
0
0
tried to give a little love to @zaproxy last night too, There's even a lesson featuring ZAP (Great Tool) to be included in v. 8 of WebGoat
1
2
1
Wanted to nix httponly for WebGoat. Yep, StackOverflow has the answer! https://t.co/GPZmj3IXNR At least dev acknowledges not a good idea
0
0
0