mutillidae
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets. (by webpwnized)
Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks. (by mikeroyal)
Our great sponsors
| mutillidae | Open-Source-Security-Guide | |
|---|---|---|
| 5 | 23 | |
| 1,169 | 846 | |
| - | - | |
| 7.8 | 6.4 | |
| 3 months ago | 4 months ago | |
| PHP | Go | |
| GNU General Public License v3.0 only | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
mutillidae
Posts with mentions or reviews of mutillidae.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-11-15.
-
If you're looking for resources pertaining to hands-on practical demonstrations of learned skills and tools/techniques, look no further.
There's also a bunch of intentionally vulnerable Webapps and VMs aimed at demonstrating potential footholds and common exploits leading to owning of the host including but not limited to: bWAPP, Damn Vulnerable Web App, WebGoat, Metasploitable 3, Mutillidae, Juice Shop
- Web App Pentesting Course
-
What is the best linux distro for begginers?
I would recommend getting an Ubuntu server VM and installing Mutillidae (and/or OWASP Juice Shop). First learn how to configure and harden your Ubuntu server. Then add it to an internal network with a few other VMs and examine what happens, how they communicate, etc. Then open up your Kali and have some fun with Mutillidae or Juice Shop.
-
Teaching question: making an unsafe site available to students?
We use OWASPs Mutillidae.
-
Question
The WAHH contains a pretty solid baseline for understanding web vulnerabilities, but the latest version is from 2011 so it's missing a decade of new techniques. It's not a terrible place to start since a lot of the fundamentals haven't changed in a while, but you'll definitely want to look into things like (as mentioned in another comment) the Web Security Academy as a next step. Other fun options are the OWASP Juice Shop and Mutillidae applications.
Open-Source-Security-Guide
Posts with mentions or reviews of Open-Source-Security-Guide.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-07-16.
-
Degree vs Certifications
Cyber Security is one of the biggest needs in the industry right now as well. This Github has a lot of information for all the different areas.
-
Open Source Security Development
Useful Tools and Resources for those getting into IT Security development such as Security Standards, Frameworks, Threat Models, Encryption, and Benchmarks.
-
Open Source Security Guide
Useful Tools and Resources for Open Source Security development.
I found this useful Open Source Security Guide. I thought I'd share for anyone that's interested .
-
New to Forensics, Drop some Forensics tools/training content
Open sourse OS that comes preintalled with lots of tools we use includijg a software write blocker. Best for investigating an image of an infected device. https://tsurugi-linux.org/ IR plan https://github.com/guardsight/gsvsoc_cybersecurity-incident-response-plan Very detailed IR battle cards https://github.com/guardsight/gsvsoc_cirt-playbook-battle-cards IR focused guide that lists lots of helpful tools and resources, like things to use for reverse engineering. https://github.com/mikeroyal/Open-Source-Security-Guide
-
Useful Security Guide
Found a useful set of Tools, Programs, and Learning Resources for Security. It covers Security Standards, Frameworks, Benchmarks , and Networking.
- Found a useful Open Source Security Guide
- Found a useful Security Guide
What are some alternatives?
When comparing mutillidae and Open-Source-Security-Guide you can also consider the following projects:
DVWA - Damn Vulnerable Web Application (DVWA)
dependency-track - Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
juice-shop - OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
secureCodeBox - secureCodeBox (SCB) - continuous secure delivery out of the box
flexio-web-app - Flex.io Web App
gsvsoc_cirt-playbook-battle-cards - Cyber Incident Response Team Playbook Battle Cards
WhatWeb - Next generation web scanner
bulk_extractor - This is the development tree. Production downloads are at:
laravel-electron - Making Laravel desktop application using Electron Js
gotestwaf - An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
faraday - Open Source Vulnerability Management Platform
slsa-github-generator - Language-agnostic SLSA provenance generation for Github Actions
mutillidae vs DVWA
Open-Source-Security-Guide vs dependency-track
mutillidae vs juice-shop
Open-Source-Security-Guide vs secureCodeBox
mutillidae vs flexio-web-app
Open-Source-Security-Guide vs gsvsoc_cirt-playbook-battle-cards
mutillidae vs WhatWeb
Open-Source-Security-Guide vs bulk_extractor
mutillidae vs laravel-electron
Open-Source-Security-Guide vs gotestwaf
mutillidae vs faraday
Open-Source-Security-Guide vs slsa-github-generator