A free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo
Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v16.04LTS, which is patched with the appropriate updates and VM additions for easy use.
The Web Security Dojo is for learning and practicing web app security testing techniques. It is ideal for self-teaching and skill assessment, as well as training classes and conferences since it does not need a network connection. The Dojo contains everything needed to get started – tools, targets, and documentation.
Download Web Security Dojo from https://websecuritydojo.sourceforge.io .
To install Dojo you first install and run VirtualBox 5 or later, then “Import Appliance” using the Dojo’s OVF file. We have PDF or YouTube for instructions for Virtualbox. The OVA should also be able to be imported and used in various VMware tools, but we do not support this directly at this time.
Sponsored by Maven Security Consulting Inc (performing web app security testing & training since 2001). Also, could be you! Web Security Dojo is an open source and fully transparent project, with public build scripts and bug trackers on Sourceforge .