Apr 172010

NA CACS conference hosted by ISACA (18-22 April 2010)

Remote Security Testing for Web Applications
Presented by David Rhoades
Maven Security Consulting

Attending this conference workshop session introduced me to Maven Security’s Web Security Dojo.  This is a virtual image, Ubuntu based, that includes several free and open source tools used for web application auditing.  The image also includes web application environments that are vulnerable to many common vulnerabilities to allow you to test and learn how to use the tools.  This pre-configured environment is perfect for educational purposes.  They also include a BASH script that will setup your own Ubuntu environment.