Mutillidae: Born to be Hacked
|
| Home | Login/Register | Toggle Security | Reset DB | View Log | View Captured Data |
- Core Controls
-
OWASP Top 10
-
A1 - Injection
- SQLi - Extract Data
- SQLi - Bypass Authentication
- SQLi - Insert Injection
- Blind SQL via Timing
- SQLMAP Practice Target
- HTML Injection (HTMLi)
- HTMLi via HTTP Headers
- HTMLi Via DOM Injection
- HTMLi Via Cookie Injection
- Command Injection
- JavaScript Injection
- HTTP Parameter Pollution
- Cascading Style Injection
- JavaScript Object Notation (JSON) Injection
- A2 - Cross Site Scripting (XSS)
- A3 - Broken Authentication and Session Management
- A4 - Insecure Direct Object References
- A5 - Cross Site Request Forgery (CSRF)
- A6 - Security Misconfiguration
- A7 - Insecure Cryptographic Storage
- A8 - Failure to Restrict URL Access
- A9 - Insufficient Transport Layer Protection
- A10 - Unvalidated Redirects and Forwards
-
A1 - Injection
Site hacked...err...quality-tested with Samurai WTF, Backtrack, Firefox, Burp-Suite, Netcat, and
these Mozilla Add-ons
Developed by Adrian "Irongeek" Crenshaw and Jeremy Druin