<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="refresh" content="0;url=https://owasp.org/www-project-webgoat/" /> <link rel="canonical" href="https://owasp.org/www-project-webgoat/" /> </head> <body> <h1> The page been moved to <a href="https://owasp.org/www-project-webgoat/">https://owasp.org/www-project-webgoat/</a> </h1> </body> </html> <!--<head>--> <!-- <meta charset="utf-8">--> <!-- <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">--> <!-- <meta name="description" content="WebGoat is a deliberately insecure application that allows interested developers just like you to test vulnerabilities--> <!-- commonly found in Java-based applications that use common and popular open source components">--> <!-- <meta name="author" content="WebGoat">--> <!-- <title>WebGoat</title>--> <!-- <!– Bootstrap core CSS –>--> <!-- <link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">--> <!-- <!– Custom fonts for this template –>--> <!-- <link href="vendor/font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css">--> <!-- <link href="https://fonts.googleapis.com/css?family=Montserrat:400,700" rel="stylesheet" type="text/css">--> <!-- <link href="https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic" rel="stylesheet" type="text/css">--> <!-- <!– Plugin CSS –>--> <!-- <link href="vendor/magnific-popup/magnific-popup.css" rel="stylesheet" type="text/css">--> <!-- <!– Custom styles for this template –>--> <!-- <link href="css/freelancer.min.css" rel="stylesheet">--> <!--</head>--> <!--<body id="page-top">--> <!-- <!– Navigation –>--> <!-- <nav class="navbar navbar-expand-lg bg-secondary fixed-top text-uppercase" id="mainNav">--> <!-- <div class="container">--> <!-- <!– Brand and toggle get grouped for better mobile display –>--> <!-- <div class="navbar-header page-scroll">--> <!-- <img class="img-responsive" src="img/profile.png" alt="">--> <!-- </div>--> <!-- </div>--> <!-- </nav>--> <!-- <!– Header –>--> <!-- <header class="masthead bg-primary text-white text-center">--> <!-- <div class="container">--> <!-- <div class="row">--> <!-- <div class="col-lg-12">--> <!-- <h2 class="text-center text-uppercase mb-5">Learn the hack - Stop the attack</h2>--> <!-- --> <!-- </div>--> <!-- </div>--> <!-- <div class="row">--> <!-- <div class="col-lg-8 mx-auto">--> <!-- <p>WebGoat is a deliberately insecure application that allows interested developers just like you to test vulnerabilities--> <!-- commonly found in Java-based applications that use common and popular open source components.</p>--> <!-- </div>--> <!-- <div class="col-lg-8 mx-auto">--> <!-- <a href="https://github.com/WebGoat/WebGoat/releases" class="btn btn-xl btn-outline-light">--> <!-- <i class="fa fa-download"></i> Download standalone--> <!-- </a>--> <!-- <a href="https://hub.docker.com/r/webgoat/webgoat-8.0/" class="btn btn-xl btn-outline-light">--> <!-- <i class="fa fa-download"></i> Run using Docker--> <!-- </a>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </header>--> <!-- <!– Portfolio Grid Section –>--> <!-- <section class="portfolio" id="portfolio">--> <!-- <div class="container">--> <!-- <h3 class="text-center text-uppercase text-secondary mb-0">Learn in 3 steps</h3>--> <!-- <hr class="star-dark mb-5">--> <!-- <div class="row">--> <!-- <div class="col-md-6 col-lg-4 text-center">--> <!-- <a class="portfolio-item d-block mx-auto" href="#portfolio-modal-1">--> <!-- <div class="portfolio-item-caption d-flex position-absolute h-100 w-100">--> <!-- <div class="portfolio-item-caption-content my-auto w-100 text-center text-white">--> <!-- <i class="fa fa-search-plus fa-3x"></i>--> <!-- </div>--> <!-- </div>--> <!-- <img class="img-fluid" src="img/portfolio/teach.png" alt="">--> <!-- </a>--> <!-- </div>--> <!-- <div class="col-md-6 col-lg-4 text-center">--> <!-- <a class="portfolio-item d-block mx-auto" href="#portfolio-modal-2">--> <!-- <div class="portfolio-item-caption d-flex position-absolute h-100 w-100">--> <!-- <div class="portfolio-item-caption-content my-auto w-100 text-center text-white">--> <!-- <i class="fa fa-search-plus fa-3x"></i>--> <!-- </div>--> <!-- </div>--> <!-- <img class="img-fluid" src="img/portfolio/assignment.png" alt="">--> <!-- </a>--> <!-- </div>--> <!-- <div class="col-md-6 col-lg-4 text-center" >--> <!-- <a class="portfolio-item d-block mx-auto" href="#portfolio-modal-3">--> <!-- <div class="portfolio-item-caption d-flex position-absolute h-100 w-100">--> <!-- <div class="portfolio-item-caption-content my-auto w-100 text-center text-white">--> <!-- <i class="fa fa-search-plus fa-3x"></i>--> <!-- </div>--> <!-- </div>--> <!-- <img class="img-fluid" src="img/portfolio/mitigation.png" alt="">--> <!-- </a>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </section>--> <!-- <!– Goals Section –>--> <!-- <section class="bg-primary text-white mb-0" id="goals">--> <!-- <div class="container">--> <!-- <h3 class="text-center text-uppercase text-white">Goals</h3>--> <!-- <hr class="star-light mb-5">--> <!-- <div class="row">--> <!-- <div class="col-lg-6 ml-auto">--> <!-- <p class="lead">--> <!-- Web application security is difficult to learn and practice. Not many people have full blown web applications like online book --> <!-- stores or online banks that can be used to scan for vulnerabilities. In addition, security professionals frequently need to test --> <!-- tools against a platform known to be vulnerable to ensure that they perform as advertised. All of this needs to happen in a safe --> <!-- and legal environment.--> <!-- --> <!-- </p>--> <!-- </div>--> <!-- <div class="col-lg-6 mr-auto">--> <!-- <p class="lead">Even if your intentions are good, we believe you should never attempt to find vulnerabilities without--> <!-- permission. The primary goal of the WebGoat project is simple: create a de-facto interactive teaching environment for web application security. --> <!-- In the future, the project team hopes to extend WebGoat into becoming a security benchmarking platform and a Java-based Web site Honeypot.--> <!-- </p>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </section>--> <!-- <!– Contributing Section –>--> <!-- <section class="portfolio" id="portfolio">--> <!-- <div class="container">--> <!-- <h3 class="text-center text-uppercase text-secondary mb-0">More information</h3>--> <!-- <hr class="star-dark mb-5">--> <!-- <div class="row">--> <!-- <div class="col-lg-4 ml-auto">--> <!-- <p class="lead">For more information about running WebGoat / FAQ see our <a href="https://github.com/WebGoat/WebGoat/wiki">wiki pages.</a>--> <!-- </p>--> <!-- </div>--> <!-- <div class="col-lg-4 mr-auto">--> <!-- <p class="lead">Interested in contributing to WebGoat, take a look at our <a href="https://github.com/WebGoat/WebGoat/issues">issues.</a> </p>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </section>--> <!-- --> <!-- <!– Footer –>--> <!-- <footer class="footer text-center">--> <!-- <div class="container">--> <!-- <div class="row">--> <!-- <div class="col-md-4 mb-5 mb-lg-0">--> <!-- </div>--> <!-- <div class="col-md-4 mb-5 mb-lg-0">--> <!-- <h4 class="text-uppercase mb-4">Around the Web</h4>--> <!-- <ul class="list-inline mb-0">--> <!-- <li class="list-inline-item">--> <!-- <a class="btn btn-outline-light btn-social text-center rounded-circle" href="mailto:webgoat@owasp.org">--> <!-- <i class="fa fa-fw fa-at"></i>--> <!-- </a>--> <!-- </li>--> <!-- <li class="list-inline-item">--> <!-- <a class="btn btn-outline-light btn-social text-center rounded-circle" href="https://github.com/WebGoat">--> <!-- <i class="fa fa-fw fa-github"></i>--> <!-- </a>--> <!-- </li>--> <!-- <li class="list-inline-item">--> <!-- <a class="btn btn-outline-light btn-social text-center rounded-circle" href="https://stackoverflow.com/search?q=webgoat">--> <!-- <i class="fa fa-fw fa-stack-overflow"></i>--> <!-- </a>--> <!-- </li>--> <!-- <li class="list-inline-item">--> <!-- <a class="btn btn-outline-light btn-social text-center rounded-circle" href="https://twitter.com/OWASP_WebGoat">--> <!-- <i class="fa fa-fw fa-twitter"></i>--> <!-- </a>--> <!-- </li>--> <!-- <li class="list-inline-item">--> <!-- <a class="btn btn-outline-light btn-social text-center rounded-circle" href="https://owasp.slack.com/messages/#project-webgoat/">--> <!-- <i class="fa fa-fw fa-slack"></i>--> <!-- </a>--> <!-- </li>--> <!-- </ul>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </footer>--> <!-- <div class="copyright py-4 text-center text-white">--> <!-- <div class="container">--> <!-- <small>Team WebGoat 2019</small>--> <!-- </div>--> <!-- </div>--> <!-- <!– Scroll to Top Button (Only visible on small and extra-small screen sizes) –>--> <!-- <div class="scroll-to-top d-lg-none position-fixed ">--> <!-- <a class="js-scroll-trigger d-block text-center text-white rounded" href="#page-top">--> <!-- <i class="fa fa-chevron-up"></i>--> <!-- </a>--> <!-- </div>--> <!-- <!– Explain modal –>--> <!-- <div class="portfolio-modal mfp-hide" id="portfolio-modal-1">--> <!-- <div class="portfolio-modal-dialog bg-white">--> <!-- <a class="close-button d-none d-md-block portfolio-modal-dismiss" href="#">--> <!-- <i class="fa fa-3x fa-times"></i>--> <!-- </a>--> <!-- <div class="container text-center">--> <!-- <div class="row">--> <!-- <div class="col-lg-8 mx-auto">--> <!-- <h3 class="text-secondary text-uppercase mb-0">Explain the vulnerability</h3>--> <!-- <hr class="star-dark mb-5">--> <!-- <img class="img-fluid mb-5" src="img/portfolio/lesson.png" alt="">--> <!-- <p class="mb-5">Teaching is now a first class citizen of WebGoat, we explain explain the vulnerability. Instead of 'just hacking' we now focus on explaining from the beginning what for example a SQL injection is.--> <!-- </p>--> <!-- <a class="btn btn-primary btn-lg rounded-pill portfolio-modal-dismiss" href="#">--> <!-- <i class="fa fa-close"></i>--> <!-- Close</a>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- <!– Assignment modal –>--> <!-- <div class="portfolio-modal mfp-hide" id="portfolio-modal-2">--> <!-- <div class="portfolio-modal-dialog bg-white">--> <!-- <a class="close-button d-none d-md-block portfolio-modal-dismiss" href="#">--> <!-- <i class="fa fa-3x fa-times"></i>--> <!-- </a>--> <!-- <div class="container text-center">--> <!-- <div class="row">--> <!-- <div class="col-lg-8 mx-auto">--> <!-- <h3 class="text-secondary text-uppercase mb-0">Learn by doing</h3>--> <!-- <hr class="star-dark mb-5">--> <!-- <img class="img-fluid mb-5" src="img/portfolio/assignment-example.png" alt="">--> <!-- <p class="mb-5">During the explanation of a vulnerability we build assignments which will help you understand how it works.</p>--> <!-- <a class="btn btn-primary btn-lg rounded-pill portfolio-modal-dismiss" href="#">--> <!-- <i class="fa fa-close"></i>--> <!-- Close</a>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- <!– Mitigation modal –>--> <!-- <div class="portfolio-modal mfp-hide" id="portfolio-modal-3">--> <!-- <div class="portfolio-modal-dialog bg-white">--> <!-- <a class="close-button d-none d-md-block portfolio-modal-dismiss" href="#">--> <!-- <i class="fa fa-3x fa-times"></i>--> <!-- </a>--> <!-- <div class="container text-center">--> <!-- <div class="row">--> <!-- <div class="col-lg-8 mx-auto">--> <!-- <h3 class="text-secondary text-uppercase mb-0">Explain mitigations</h3>--> <!-- <hr class="star-dark mb-5">--> <!-- <img class="img-fluid mb-5" src="img/portfolio/mitigation-example.png" alt="">--> <!-- <p class="mb-5">At the end of each lesson you will receive an overview of possible mitigations which will help you during your development work.</p>--> <!-- <a class="btn btn-primary btn-lg rounded-pill portfolio-modal-dismiss" href="#">--> <!-- <i class="fa fa-close"></i>--> <!-- Close</a>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- </div>--> <!-- <!– Bootstrap core JavaScript –>--> <!-- <script src="vendor/jquery/jquery.min.js"></script>--> <!-- <script src="vendor/bootstrap/js/bootstrap.bundle.min.js"></script>--> <!-- <!– Plugin JavaScript –>--> <!-- <script src="vendor/jquery-easing/jquery.easing.min.js"></script>--> <!-- <script src="vendor/magnific-popup/jquery.magnific-popup.min.js"></script>--> <!-- <!– Custom scripts for this template –>--> <!-- <script src="js/freelancer.min.js"></script>--> <!--</body>--> <!--</html>-->