On November 7th starting at 6pm, we will be hosting this months OWASP meeting with Chuck Willis giving a Hands-on introduction to OWASP BWA and ZAP
This interactive session will provide an introduction to two OWASP Projects: the Broken Web Application (BWA) project, which releases a free virtual machine running web applications with known security vulnerabilities and the Zed Attack Proxy project, which produces a free tool for testing web applications.
The goal of the session is to get attendees started working with these projects and comfortable to continue using them for self-study if desired. The OWASPBWA VM includes a variety of training applications that are well suited for people at a variety of skill levels.
In order to get the most from this session, attendees should bring a laptop with the following items downloaded / installed:
– OWASP ZAP (http://code.google.com/p/zaproxy/downloads/list), which requires a Java runtime
– A virtualization package, such as the free VirtualBox, free VMware Player, or commercial VMware Workstation
– The OWASP BWA VM (http://sourceforge.net/projects/owaspbwa/files/ or via BitTorrent at http://code.google.com/p/owaspbwa/wiki/OWASPBWABitTorrentDownload). Please uncompress the VM before the session to save time.
We look forward to seeing you at the space!
Leave a Reply