wavsep

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners.

This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.

Visit WAVSEP homepage to learn more:
https://code.google.com/p/wavsep/

The project includes the following test cases:

Path Traversal/LFI: 816 test cases (GET & POST)
Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST)
Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST)
Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST)
Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST)
Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow wavsep

wavsep Web Site

User Reviews

Be the first to post a review of wavsep!

Additional Project Details

Operating Systems

Linux, Windows

Languages

English

Intended Audience

Developers, Education, Quality Engineers, Security, Security Professionals, Testers

User Interface

Web-based

Programming Language

Java, JSP

Database Environment

JDBC, MySQL, Other file-based DBMS

Related Categories

JSP Security Software, JSP Software Testing Tool, JSP Benchmark Software, JSP Vulnerability Scanners, Java Security Software, Java Software Testing Tool, Java Benchmark Software, Java Vulnerability Scanners

Registered

2014-01-29

Similar Business Software

VulnSign

VulnSign is an online vulnerability scanner that is fully automated, customer-orient configurable and has advanced features. VulnSign can scan any type of web application, regardless of the technology it was built with. It uses a Chrome based crawling engine and can identify vulnerabilities in...

See Software
WebScanner

DefenseCode WebScanner is a DAST (Dynamic Application Security Testing, BlackBox Testing) solution for comprehensive security audits of active web applications (websites). WebScanner will test a website’s security by carrying out a large number of attacks using the most advanced techniques, just...

See Software
Probely

Probely is a web vulnerability scanner for agile teams. It provides continuous scanning of web applications and lets you efficiently manage the lifecycle of the vulnerabilities found, in a sleek and intuitive web interface. It also provides simple instructions on how to fix the...

See Software
Swascan

It runs the scan of web sites and web applications to spot and analyze in a proactive way security vulnerabilities. The Network Scanner spots and identifies network vulnerabilities and helps you fixing them. It runs the source code analysis to highlight and solve weak spots and security...

See Software
QuickPatch+

Vulnerability scanner for Plesk that provides reliability, configuration recommendations and automatic fixes for servers running Plesk control panel. Quick Patch+: Analyzes your server configuration and allows you to select and fix vulnerabilities from within the UI; Allows you to configure the...

See Software
Indusface WAS

Get the most comprehensive application security audit done today. Indusface WAS with its automated scans & manual pen-testing ensures none of the OWASP Top10, business logic vulnerabilities and malware go unnoticed. With zero false positive guarantee and comprehensive report with remediation...

See Software