.

Web application testing lab

<<

millwalll

Post Wed Oct 19, 2011 4:59 pm

Web application testing lab

Hi has anyone seen this http://mdsec.net/labs/ does anyone else think this really expensive ?
<<

rance

User avatar

Full Member
Full Member

Posts: 212

Joined: Thu Jan 03, 2008 5:24 pm

Location: Earth

Post Wed Oct 19, 2011 5:21 pm

Re: Web application testing lab

Dude... WebGoat or DVWA.  Free.
Poking at security since 1986.  +++ATH
<<

rance

User avatar

Full Member
Full Member

Posts: 212

Joined: Thu Jan 03, 2008 5:24 pm

Location: Earth

Post Wed Oct 19, 2011 5:24 pm

Re: Web application testing lab

Poking at security since 1986.  +++ATH
<<

millwalll

Post Thu Oct 20, 2011 3:11 am

Re: Web application testing lab

Yah I know I just wanted to make sure it was not me that felt $7 an hour is mega expensive.
<<

rance

User avatar

Full Member
Full Member

Posts: 212

Joined: Thu Jan 03, 2008 5:24 pm

Location: Earth

Post Thu Oct 20, 2011 9:29 am

Re: Web application testing lab

Ahhh gotcha.  Well, I think my answer still stands...  ;D
Poking at security since 1986.  +++ATH
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 459

Joined: Thu Mar 03, 2011 3:54 am

Post Thu Oct 20, 2011 9:43 am

Re: Web application testing lab

Yeah, I thought it was a bit steep too.  2hrs/night = $14/night.  $14/night for 1 week = $98 for 7 days.  Compared to eLearnSecurity's $99/30 days or $149/60 days.  Or as rance has mentioned, compared to the free price of Webgoat and DVWA...
GSEC, eCPPT, Sec+
<<

impelse

Hero Member
Hero Member

Posts: 619

Joined: Mon Feb 16, 2009 3:40 pm

Post Thu Oct 20, 2011 10:19 am

Re: Web application testing lab

I thought the same, it is expensive
CCNA, Security+, 70-290, 70-291
CCNA Security
CEH
Online Pentest lab: http://www.thehost1.com/
Blog: http://blog.thehost1.com/
<<

millwalll

Post Thu Oct 20, 2011 4:13 pm

Re: Web application testing lab

it looks like it could be quite good but just the price they should charge like $99 for full access. You could get stuck on first challenge and it could be very expensive 
<<

YuckTheFankees

User avatar

Sr. Member
Sr. Member

Posts: 332

Joined: Fri Apr 08, 2011 3:07 pm

Post Thu Oct 20, 2011 11:49 pm

Re: Web application testing lab

I agree that is expensive, use the free ones that were already mentioned.
OSCP in progress
<<

alucian

User avatar

Full Member
Full Member

Posts: 229

Joined: Mon Dec 29, 2008 2:01 pm

Location: Montreal, Canada

Post Sat Oct 22, 2011 6:58 am

Re: Web application testing lab

I would like also to try the labs, but I consider them being expensive. I would rather pay for eLearnsec or for OSCP lab time.
If they will make a price for a month access I think that I'll try to do them, because the more you practice, the better you are.
CISSP ISSAP, CISM/A, GWAPT, GCIH, GREM, GMOB, OSWP
<<

magnologan

User avatar

Newbie
Newbie

Posts: 4

Joined: Wed Oct 26, 2011 12:26 pm

Post Wed Oct 26, 2011 12:54 pm

Re: Web application testing lab

Source:  http://capture.thefl.ag/practice-ctf/

Here's a list of some CTF practice sites and tools or CTFs that are long-running.

Live Online Games Recommended

Whether they're being updated, contain high quality challenges, or just have a lot of depth, these are probably where you want to spend the most time.

  - http://hax.tor.hu/


  - https://pwn0.com/


  - http://www.smashthestack.org/


  - http://www.hellboundhackers.org/


  - http://www.overthewire.org/wargames/


  - http://roothack.org/


  - http://intruded.net/


  - http://www.hackthissite.org/



Others

  - http://bright-shadows.net/


  - http://www.mod-x.co.uk/main.php


  - http://scanme.nmap.org/


  - http://rootcontest.com/


  - http://www.gat3way.eu/index.php

(Russian)
  - http://www.hackertest.net/



Webapp Specific

  - http://demo.testfire.net/


  - http://wocares.com/xsstester.php


  - http://crackme.cenzic.com/


  - http://test.acunetix.com/


  - http://zero.webappsecurity.com/


  - http://ha.ckers.org/challenge/


  - http://ha.ckers.org/challenge2/



Commercial


  - http://rtncyberjobs.com/


  - http://heorot.net/



Downloadable Offline Games

  - http://www.badstore.net/


  - http://www.owasp.org/index.php/Category ... at_Project


  - http://www.owasp.org/index.php/Owasp_SiteGenerator


  - Damn Vulnerable Web App http://www.ethicalhack3r.co.uk/damn-vulnerable-web-app/

  - Stanford SecureBench http://suif.stanford.edu/%7Elivshits/securibench/

  - Stanford SecureBench Micro http://suif.stanford.edu/%7Elivshits/wo ... nch-micro/

  - Damn Vulnerable Linux http://www.damnvulnerablelinux.org/
 
  - Mutillidae http://www.irongeek.com/i.php?page=secu ... asp-top-10
<<

rance

User avatar

Full Member
Full Member

Posts: 212

Joined: Thu Jan 03, 2008 5:24 pm

Location: Earth

Post Wed Oct 26, 2011 1:02 pm

Re: Web application testing lab

If you use Damn Vulnerable Web App (DVWA), don't forget to add the Web Services (DVWS) module: http://dvws.secureideas.net/downloads/index.html
Poking at security since 1986.  +++ATH
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Thu Oct 27, 2011 3:22 pm

Re: Web application testing lab

Even though it has been quite some time, InterN0T runs Capture-The-Flag challenges on occasion, and so does Offensive Security too. While InterN0T is mostly web-based, OffSec often contains some sort of Web App but is mostly focused on Exploit Development.

More information:
http://www.ethicalhacker.net/component/ ... ic,6001.0/
http://www.information-security-trainin ... s-your-fu/
I'm an InterN0T'er

Return to Web Applications

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software