From b6cae66135a0984ab7ec577e45ab3ae14f7885f9 Mon Sep 17 00:00:00 2001 From: Omar Santos Date: Sat, 28 Jul 2018 22:16:24 -0400 Subject: [PATCH] Update README.md --- web_application_testing/README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/web_application_testing/README.md b/web_application_testing/README.md index 4a6f6a1..16dc762 100644 --- a/web_application_testing/README.md +++ b/web_application_testing/README.md @@ -11,6 +11,19 @@ The following are a few popular tools that you learned in the video courses part * [httrack](https://www.httrack.com/) * [skipfish](https://code.google.com/archive/p/skipfish/) +## WebSploit + +[WebSploit](http://h4cker.org/websploit) is a virtual machine (VM) created by [Omar Santos](https://omarsantos.io) for different Cybersecurity Ethical Hacking (Web Penetration Testing) training sessions delivered at [DEFCON](https://www.wallofsheep.com/blogs/news/packet-hacking-village-workshops-at-def-con-26-finalized), [Live Training in Safari](https://www.safaribooksonline.com/search/?query=omar%20santos&extended_publisher_data=true&highlight=true&is_academic_institution_account=false&source=user&include_assessments=false&include_case_studies=true&include_courses=true&include_orioles=true&include_playlists=true&formats=live%20online%20training&sort=relevance), [video on demand LiveLessons](https://www.safaribooksonline.com/search/?query=omar%20santos&extended_publisher_data=true&highlight=true&is_academic_institution_account=false&source=user&include_assessments=false&include_case_studies=true&include_courses=true&include_orioles=true&include_playlists=true&formats=video&sort=relevance), and others. + +The purpose of this VM is to have a lightweight (single VM) with a few web application penetration testing tools, as well as vulnerable applications. + +The following are the vulnerable applications included in [WebSploit](http://h4cker.org/websploit): +- Damn Vulnerable Web Application (DVWA) +- WebGoat +- Hackazon +- OWASP Juice Shop +- OWASP Mutillidae 2 + ## How to Integrate OWASP ZAP with Jenkins You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin).