HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 32 guests and 1 member online
 
Advertisement

You are here: Home arrow Featuresarrow Opinionsarrow Web Security Dojo - Recommended?
EH-Net
May 25, 2013, 06:16:36 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Web Security Dojo - Recommended?  (Read 7335 times)
0 Members and 1 Guest are viewing this topic.
clanggedin
Newbie
*
Offline Offline

Posts: 17


View Profile
« on: June 01, 2010, 01:46:28 PM »
I just came across this program and I'm looking at playing with it to learn more and penetration testing. I searched the forum before I asked the question, and did not find any reviews or opinions on if it's worth while or not.

I don't have tons of pentesting experience and want to get certified in the future, will this help me learn the tools I need?
Logged
hayabusa
Hero Member
*****
Offline Offline

Posts: 1633



View Profile
« Reply #1 on: June 01, 2010, 02:52:36 PM »
I have limited experience with it, but had a lab setup using it, once upon a time.  I seem to recall it was a pretty good primer to really get my web-thinking juices flowing, and I enjoyed working on it.

Whether it is or isn't the best (I haven't used it in some time, so I can't fairly rate it good or bad,) it's one more card in the deck, as far as having a good training lab goes.  Can never hurt to setup different scenarios, as even those you think you've got 'mastered' can sometimes come back to bite you, if you're complacent.
Logged
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH
secureseven
Jr. Member
**
Offline Offline

Posts: 79



View Profile
« Reply #2 on: June 01, 2010, 03:06:08 PM »
I've played with it for a little bit. I went between the dojo, webgoat and DVL. They are all good primers on the web dev security from what I remember. I'll be setting them up as soon as I get my new computer chock full of RAM for tons of VM labs lol.
Logged
http://twitter.com/mikesantillana
eLearnSecurity Team Member.
xXxKrisxXx
Hero Member
*****
Offline Offline

Posts: 512



View Profile
« Reply #3 on: June 03, 2010, 11:40:25 AM »
Metasploit Unleashed is also a good resource:

http://www.offensive-security.com/metasploit-unleashed/
Logged
eCPPT, GCIH, OSCP, OSWP
secureseven
Jr. Member
**
Offline Offline

Posts: 79



View Profile
« Reply #4 on: June 03, 2010, 11:59:31 AM »
I'm also trying to integrate Damn Vulnerable Web App into the Web Security dojo found here: http://sourceforge.net/projects/dvwa/

Try it for more web practice.
Logged
http://twitter.com/mikesantillana
eLearnSecurity Team Member.
Equix3n-
Sr. Member
****
Offline Offline

Posts: 386



View Profile
« Reply #5 on: June 03, 2010, 01:29:24 PM »
It doesn't include all the tools, but will definitely help you get started if you've no prior experience.

@secureseven
The latest version of Dojo includes DVWA.
Logged
secureseven
Jr. Member
**
Offline Offline

Posts: 79



View Profile
« Reply #6 on: June 03, 2010, 03:10:45 PM »
Ah, thanks Equix3n-

Even though it doesn't have all the tools, I'm sure in your lab you can setup the web servers and use a second VM or computer with backtrack/samurai to attack it

Also, I haven't tried it, but I've seen some stuff on Multilldae(another vulnerable web app) from IronGeek I believe.
Logged
http://twitter.com/mikesantillana
eLearnSecurity Team Member.
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.053 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.