OWASP Damn Vulnerable Web Sockets (DVWS)
0
Free
OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication. The flow of the application is similar to DVWA. You will find more vulnerabilities than the ones listed in the application. Requirements: In the hosts file of your attacker machine create an entry for dvws.local to point at the IP address hosting the DVWS application. The application requires Apache + PHP + MySQL, PHP with MySQLi support, Ratchet, and ReactPHP-MySQL. Install 'Ratchet' and 'ReactPHP-MySQL' using composer. Set the MySQL hostname, username, password, and an existing database name in the includes/connect-db.php file then go to Setup to finish setting up DVWS. Running DVWS: On the host running this application, run the following command from DVWS directory: php ws-socket.php --heartbeat-interval <sec>
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
WackoPicko is a vulnerable website with known vulnerabilities, now available as a Docker image and included in the OWASP Broken Web Applications Project.
Aqua Security is a CNAPP that provides comprehensive security for cloud native applications across their entire lifecycle, from development to production, in various cloud and container environments.
Commercial
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
Commercial
A tool for detecting capabilities in executable files, providing insights into a program's behavior and potential malicious activities.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security