OWASP Broken Web Applications (OWASP BWA): Beyond 1.0 presented at AppSec USA 2013

by Chuck Willis,

Summary : The OWASP Broken Web Applications (OWASP BWA) Project produces a free and open source virtual machine (VM) loaded with more than twenty-five web applications with a variety of security vulnerabilities. The project VM is well suited for use as a learning and training environment or as a standard target for testing tools and techniques. After two years of betas, the project released version 1.0 of the VM in 2012. With that milestone behind us, this talk will focus on the project’s future, though it will include some background on the project and demonstrate key features in the current release.