How to use OWASP Broken Web Apps to prevent vulnerabilities

OWASP Broken Web Apps allows pen testers to attack applications that are intentionally insecure to hone their skills at securing their own apps.

Mike McLaughlin, Contributor

SQL injection. Cross-site scripting. Buffer overflow. These are just some of the most common methods attackers use to compromise Web applications. But how can infosec pros know how to prevent them if they don't know how they work?

In this video demo, learn how to use the OWASP Broken Web Apps project, which allows would-be pen testers to attack applications that are intentionally insecure in order to help them hone their skills at securing their own apps.

Want more demos of free security tools? Visit our screencast page.

About the speaker:
Mike McLaughlin is a penetration tester working for First Base Technologies, an information security consultancy in the UK. Mike's daily work consists of both internal and external network based penetration testing, Web application penetration testing, and social engineering.

This was last published in August 2011

How to use OWASP Broken Web Apps to prevent vulnerabilities

OWASP Broken Web Apps allows pen testers to attack applications that are intentionally insecure to hone their skills at securing their own apps.

Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments

How to test micro apps

Learn what to test in a mobile application

Oversee apps with these 3 application security testing tools

Essential instruments for a pen test toolkit