Monday, October 03, 2011

WAVSEP - Web Application Vulnerability Scanner Evaluation Project

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners.
This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.
Additional information can be found in the developer's blog: http://sectooladdict.blogspot.com/
Project WAVSEP currently includes the following test cases:

Vulnerabilities:
  • Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST)
  • Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST )
  • Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST )
  • Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST )
False Positives:
  • 7 different categories of false positive Reflected XSS vulnerabilities (GET & POST )
  • 10 different categories of false positive SQL Injection vulnerabilities (GET & POST)
Additional Features:
  • A simple web interface for accessing the vulnerable pages
  • Sample detection & exploitation payloads for each and every test case
  • Database connection pool support, ensuring the consistency of scanning results
Although some of the test cases are vulnerable to additional exposures, the purpose of each test case is to evaluate the detection accuracy of one type of exposure, and thus, “out of scope” exposures should be ignored when evaluating the accuracy of vulnerability scanners.

To see more information and download this tool:
http://code.google.com/p/wavsep/downloads/list

No comments: