Re: web application scanning tool - any unsecure demo sites out there to run them against?

> You might try some of these sites.
>
> http://www.hackthissite.org/
> http://hackme.mightyseek.com/
>
> Darren
>
> -----Original Message-----
> From: listbounce@... [mailto:listbounce@...] On
> Behalf Of bigbert007
> Sent: Tuesday, March 18, 2008 9:03 AM
> To: webappsec@...
> Subject: web application scanning tool - any unsecure demo sites out there
> to run them against?
>
> Hi everyone,
>
> I'm working on a project that involves evaluation web app scanning tools.
> I'm looking to run each of the scanning tools against  the following app
> types:
>
> 1.  J2EE
> 2.  ASP.Net
> 3.  PHP
> 4.  ColdFusion
>
> I know that WebGoat is out there on the OWASP site for testing/learning
> purposes, but I am coming up empty handed for the the other app types.  
> Does anyone have any suggestions for "ready-made" sites like the above that
> I could get my hands on?
>
> Thanks!
>
> Bert
>
>
> ---
> avast! Antivirus: Outbound message clean.
> Virus Database (VPS): 080318-0, 03/18/2008 Tested on: 3/18/2008 10:02:48 AM
> avast! - copyright (c) 1988-2008 ALWIL Software.
> http://www.avast.com
>
>
>
>
> -------------------------------------------------------------------------
> Sponsored by: Watchfire
> Methodologies & Tools for Web Application Security Assessment With the rapid
> rise in the number and types of security threats, web application security
> assessments should be considered a crucial phase in the development of any
> web application. What methodology should be followed? What tools can
> accelerate the assessment process? Download this Whitepaper today!
>
> https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
> -------------------------------------------------------------------------
>
>
>
> ---
> avast! Antivirus: Inbound message clean.
> Virus Database (VPS): 080318-0, 03/18/2008
> Tested on: 3/18/2008 1:18:21 PM
> avast! - copyright (c) 1988-2008 ALWIL Software.
> http://www.avast.com
>
>
>
>