Hacme Bankô
Results 1 to 4 of 4

Thread: Hacme Bankô

  1. #1
    Senior Member
    Join Date
    May 2004
    Posts
    274

    Hacme Bankô

    Hacme Bankô is designed to teach application developers, programmers, architects and security professionals how to create secure software. Hacme Bank simulates a "real-world" online banking application, which was built with a number of known and common vulnerabilities such as SQL injection and cross-site scripting. This allows users to attempt real exploits against a web application and thus learn the specifics of the issue and how best to fix it. Foundstone uses this application extensively in our Ultimate Web Hacking and Building Secure Software training classes.
    http://www.foundstone.com/index.htm?.../s3i_tools.htm
    Excuse me, is there an airport nearby large enough for a private jet to land?

  2. #2
    Senior Member
    Join Date
    Feb 2002
    Posts
    114
    I have installed and used this great training guide and really shows how insecure peoples information can be due to peoples poor coding and one simple malicious in put ('or 1=1--)

    Hopefully aplications like this will help improve coding and security.

    Installation of Hackme was realtively simple windows xp laptop 2.6gig 256 mem iis installed needed to download .net framework and sql msde.

    Installed within 30 mins and with the user guide for hackme you can kick of with it straight away.
    [pong][gloworange]665[/gloworange] Next door to the [glowpurple]devil[/glowpurple][/pong]

  3. #3
    Senior Member
    Join Date
    May 2004
    Posts
    274
    WebGoat is a full J2EE web application designed to teach web application security lessons. In each lesson, users must demonstrate their understanding by exploiting a real vulnerability on the local system. The system is even clever enough to provide hints and show the user cookies, parameters and the underlying Java code if they choose. Examples of lessons include SQL injection to a fake credit card database, where the user creates the attack and steals the credit card numbers.
    http://www.owasp.org/software/webgoat.html

    Currenty i m playing around with this utility and find it very useful. It will surely help to increase ur understanding regarding web applications security.
    Excuse me, is there an airport nearby large enough for a private jet to land?

  4. #4
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    This is an old thread (quite old actually)... but I seem to have missed it the first time around.. I just stumbled across this software yesterday and I was amazed by it... so I decided to search and see if it had been mentioned here.... I'm glad that it has.....

    I also found other software, while downloading the latest Achillies onto my freshly installed windows XP machine (Sorry I'm proud.. first install in like 2 years.... and I had replaced every piece of hardware during the last install... this new one is much cleaner)...

    Anyways the other software I stumbled across was called WebMaven.... aka Buggy Bank... I ran a quick search and it didn't pop up, however since this did I've decide to append it here. Anyone who enjoys one of these pieces of software should equally enjoy the other piece.

    Anyways... check it out at http://www.mavensecurity.com/webmaven

    Peace,
    HT

    PS: Mods if you want to seperate this into it's own thread since these other posts are rather old feel free too..
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides