Web Security Dojo – Recommended?

Viewing 6 reply threads
  • Author
    Posts
    • #5139
      clanggedin
      Participant

      I just came across this program and I’m looking at playing with it to learn more and penetration testing. I searched the forum before I asked the question, and did not find any reviews or opinions on if it’s worth while or not.

      I don’t have tons of pentesting experience and want to get certified in the future, will this help me learn the tools I need?

    • #32565
      hayabusa
      Participant

      I have limited experience with it, but had a lab setup using it, once upon a time.  I seem to recall it was a pretty good primer to really get my web-thinking juices flowing, and I enjoyed working on it.

      Whether it is or isn’t the best (I haven’t used it in some time, so I can’t fairly rate it good or bad,) it’s one more card in the deck, as far as having a good training lab goes.  Can never hurt to setup different scenarios, as even those you think you’ve got ‘mastered’ can sometimes come back to bite you, if you’re complacent.

    • #32566
      secureseve
      Participant

      I’ve played with it for a little bit. I went between the dojo, webgoat and DVL. They are all good primers on the web dev security from what I remember. I’ll be setting them up as soon as I get my new computer chock full of RAM for tons of VM labs lol.

    • #32567
      KrisTeason
      Participant

      Metasploit Unleashed is also a good resource:

      http://www.offensive-security.com/metasploit-unleashed/

    • #32568
      secureseve
      Participant

      I’m also trying to integrate Damn Vulnerable Web App into the Web Security dojo found here: http://sourceforge.net/projects/dvwa/

      Try it for more web practice.

    • #32569
      Xen
      Participant

      It doesn’t include all the tools, but will definitely help you get started if you’ve no prior experience.

      @secureseven
      The latest version of Dojo includes DVWA.

    • #32570
      secureseve
      Participant

      Ah, thanks Equix3n-

      Even though it doesn’t have all the tools, I’m sure in your lab you can setup the web servers and use a second VM or computer with backtrack/samurai to attack it

      Also, I haven’t tried it, but I’ve seen some stuff on Multilldae(another vulnerable web app) from IronGeek I believe.

Viewing 6 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?