Damn Vulnerable Web Services Logo

Damn Vulnerable Web Services

0
Free
Visit Website

Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities. The aim of this project is to help security professionals learn about Web Application Security through the use of a practical lab environment. This application includes the following vulnerabilities: - WSDL Enumeration - XML External Entity Injection - XML Bomb Denial-of-Service - XPATH Injection - WSDL Scanning - Cross Site-Tracing - OS Command Injection - Server Side Request Forgery - REST API SQL Injection - Same Origin Method Execution - JSON Web Token (JWT) Secret Key Brute Force - Cross-Origin Resource Sharing Instructions: DVWS can be used with a XAMPP setup. XAMPP is a free and open source cross-platform web server solution which mainly consists of an Apache Web Server and MySQL database. To setup, download and install the XAMPP setup first. Next, download the dvws folder and copy the folder to your htdocs directory. Lastly, Setup or reset the database by going to http://localhost/dvws/instructions.php

FEATURES

ALTERNATIVES

A static analysis tool for Android apps that detects malware and other malicious code

IDAPython plugin for generating Yara rules/patterns from x86/x86-64 code through parameterization.

Revelo is an experimental Javascript deobfuscator tool with features to analyze and deobfuscate Javascript code.

ConDroid performs concolic execution of Android apps to observe 'interesting' behavior in dynamic analysis.

An application security platform that combines API discovery, multiple security testing methodologies, and continuous monitoring to protect modern applications throughout their development lifecycle.

A collection of mobile security resources with tools, white papers, ebooks, and webinars.

Utility for comparing control flow graph signatures to Android methods with scanning capabilities for malicious applications.

Instrumentation-based approach for resolving reflective calls in Android apps.