How to use OWASP Broken Web Apps to prevent vulnerabilities

OWASP Broken Web Apps allows pen testers to attack applications that are intentionally insecure to hone their skills at securing their own apps.

Mike McLaughlin, Contributor

SQL injection. Cross-site scripting. Buffer overflow. These are just some of the most common methods attackers use to compromise Web applications. But how can infosec pros know how to prevent them if they don't know how they work?

In this video demo, learn how to use the OWASP Broken Web Apps project, which allows would-be pen testers to attack applications that are intentionally insecure in order to help them hone their skills at securing their own apps.

Want more demos of free security tools? Visit our screencast page.

About the speaker:
Mike McLaughlin is a penetration tester working for First Base Technologies, an information security consultancy in the UK. Mike's daily work consists of both internal and external network based penetration testing, Web application penetration testing, and social engineering.

This was last published in August 2011

Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments

SearchCloudSecurity

How to use OWASP Broken Web Apps to prevent vulnerabilities

OWASP Broken Web Apps allows pen testers to attack applications that are intentionally insecure to hone their skills at securing their own apps.

Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments

How to test micro apps

Learn what to test in a mobile application

Oversee apps with these 3 application security testing tools

Essential instruments for a pen test toolkit

SearchCloudSecurity

Unify on-premises and cloud access control with SDP

Get to know cloud-based identity governance capabilities

6 AIOps security use cases to safeguard the cloud

SearchNetworking

Aruba product integrations advance its SASE strategy

Wi-Fi 6 rollout requires careful review of network devices

How cloud-native networking will transform infrastructure

SearchCIO

Hybrid care is healthcare's future

Replacing vs. maintaining legacy systems

Managing cybersecurity during the pandemic and in the new digital age

SearchEnterpriseDesktop

Incorporating zero trust into endpoint security

Keeping tabs on employees in the hybrid workplace

Top 6 endpoint security software options in 2021

SearchCloudComputing

Evaluate Azure CLI vs. PowerShell for resource management

Ready to be a GCP architect? Try this quiz and see

Choose the right serverless container service

ComputerWeekly.com

Uptime Institute: Networking issues to overtake power problems as main cause of datacentre outages

BBC appoints new digital and technology leaders

Enea launches 5G MicroCore to support private enterprise networks for Industry 4.0