Description: ISSA Kentuckiana Regional Conference 2012: OWASP Track Presentation - NOWASP Mutillidae 2.3.7 - A deliberately vulnerable web pen testing environment.
This presentation is an overview of NOWASP Mutillidae covering downloading, basic installation options, pre-installed ISOs, functionality, vulnerabilities, and usage. The video, recorded by Adrian "Irongeek" Crenshaw, was presented by Jeremy Druin ("@webpwnized") for the ISSA.
NOWASP (Mutillidae) is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiest. NOWASP (Mutillidae) can be installed on Linux and Windows using LAMP, WAMP, and XAMMP for users who do not want to administrate a webserver. It is pre-installed on SamuraiWTF, Rapid7 Metasploitable-2, and OWASP BWA. The existing version can be updated on pre-installed platforms. With dozens of vulns and hints to help the user; this is an easy-to-use web hacking environment deliberately designed for labs, security enthusiast, classrooms, CTF, and vulnerability assessment tool targets. Mutillidae has been used in graduate security courses, corporate web sec training courses, and as an "assess the assessor" target for vulnerability assessment software.
Instructional videos using NOWASP (Mutillidae) are available on the "webpwnized" YouTube account at https://www.youtube.com/user/webpwnized. Updates on the project and video posts are tweeted to @webpwnized.
Latest from the SecurityTube Blog:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Original Source: http://www.youtube.com/watch?v=f8Dj3Szpflw