A modular application for validating and benchmarking security scanners.
Pitch

OWASP VulnerableApp is a deliberately vulnerable application designed to validate and benchmark security scanners through reproducible test scenarios. Unlike traditional training apps, it offers a modular ecosystem that supports learning and experimentation, making it ideal for security engineers and educators.

Description

OWASP VulnerableApp


The OWASP VulnerableApp is a modular application intentionally designed to have vulnerabilities for testing, scanning, and educational purposes. This project allows security professionals, researchers, and educators to validate and benchmark security scanners across reproducible test scenarios.

Key Features

  • Scanner Benchmarking: Validate the effectiveness of security tools like Burp Suite and OWASP ZAP through detailed benchmarking.
  • Modular Vulnerability Design: Create new testing scenarios without altering the core framework, enhancing flexibility and adaptability.
  • Security Regression Testing: Monitor and validate security measures across different versions and environments.
  • Realistic Attack Surface: Vulnerabilities are exposed through modern web application patterns rather than contrived demo pages, so scanner results reflect what a real target would produce.
  • Deterministic Vulnerabilities: Each vulnerability behaves the same on every run, so scan results are reproducible and comparable across tools and versions.

Benefits

The OWASP VulnerableApp provides significant advantages, including:

  • Validation of security tools against known vulnerabilities.
  • Creation of controlled environments for experimental security testing.
  • Expansion of vulnerability coverage to address evolving attack strategies.
  • Implementation of reliable, repeatable testing pipelines.


Supported Vulnerability Types

The application currently covers the following vulnerability types:

  • JWT Vulnerability
  • Command Injection
  • Cryptography Failures
  • File Upload Vulnerability
  • Path Traversal Vulnerability
  • SQL Injection (including various subtypes)
  • Cross-Site Scripting (XSS)
  • XML External Entity (XXE)
  • Open Redirect
  • Server-Side Request Forgery (SSRF)
  • Insecure Direct Object References (IDOR)
  • Clickjacking
  • LDAP Injection
  • Authentication Vulnerabilities

Benchmarking Scanners

OWASP VulnerableApp includes a comparator tool for evaluating a scanner's performance. It compares the scanner's findings against the application's built-in ground truth and generates a coverage report; both DAST and SAST scanners are supported. The benchmark is invoked with:

POST http://<baseurl>/VulnerableApp/scanner/benchmark

The payload structure differs by scan type: DAST findings are identified by URL, SAST findings by file path and line number:

  • DAST Payload: { tool, scanType: "DAST", findings: [{ url, type, cwe, wascId }] }
  • SAST Payload: { tool, scanType: "SAST", findings: [{ filePath, line, cwe, type }] }
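The following client script is an added example and is not part of OWASP VulnerableApp. It builds a payload in the shape described above, checks that every finding carries the keys required for its scan type, and POSTs it to the benchmark endpoint. The endpoint path and the two payload shapes come from the page; the sample findings, the tool names, the URLs and file paths, and the use of integer CWE and WASC identifiers are assumptions made for illustration. The page does not document the response body, so the script prints it unparsed.

```python
"""Build and submit a scanner-finding payload to VulnerableApp's benchmark endpoint.

Added example, not the project's own code. Endpoint path and payload shapes are
taken from the page; sample findings below are constructed, not real scanner output.
"""
import json
import sys
import urllib.request

# Required keys per finding, by scan type, as listed on the page.
REQUIRED_FINDING_KEYS = {
    "DAST": ("url", "type", "cwe", "wascId"),
    "SAST": ("filePath", "line", "cwe", "type"),
}


def build_payload(tool, scan_type, findings):
    """Return a benchmark payload dict.

    Raises ValueError for an unknown scanType or a finding missing a required
    key. Keys not in the documented shape are dropped so scanner-specific
    extras (confidence, evidence, ...) never reach the comparator.
    """
    if scan_type not in REQUIRED_FINDING_KEYS:
        raise ValueError(f"unknown scanType {scan_type!r}; expected DAST or SAST")
    required = REQUIRED_FINDING_KEYS[scan_type]
    cleaned = []
    for index, finding in enumerate(findings):
        missing = [key for key in required if key not in finding]
        if missing:
            raise ValueError(f"finding {index} is missing {missing}")
        cleaned.append({key: finding[key] for key in required})
    return {"tool": tool, "scanType": scan_type, "findings": cleaned}


def submit(base_url, payload, timeout=30):
    """POST the payload as JSON; return (HTTP status, raw response text)."""
    request = urllib.request.Request(
        f"{base_url.rstrip('/')}/VulnerableApp/scanner/benchmark",
        data=json.dumps(payload).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(request, timeout=timeout) as response:
        return response.status, response.read().decode("utf-8", "replace")


# Constructed sample findings (hypothetical URLs/paths; CWE-79/WASC-8 is XSS,
# CWE-89/WASC-19 is SQL injection). "confidence" is an extra key that build_payload drops.
SAMPLE_DAST_FINDINGS = [
    {"url": "http://localhost:9090/VulnerableApp/example/xss", "type": "XSS",
     "cwe": 79, "wascId": 8, "confidence": "high"},
    {"url": "http://localhost:9090/VulnerableApp/example/sqli", "type": "SQL_INJECTION",
     "cwe": 89, "wascId": 19},
]
SAMPLE_SAST_FINDINGS = [
    {"filePath": "src/main/java/example/XssController.java", "line": 42,
     "cwe": 79, "type": "XSS"},
]


def main(argv):
    """With a base URL argument, submit the DAST sample; otherwise print the payload."""
    payload = build_payload("zap", "DAST", SAMPLE_DAST_FINDINGS)
    if len(argv) < 2:
        print(json.dumps(payload, indent=2))
        return 0
    status, body = submit(argv[1], payload)
    print(f"HTTP {status}")
    print(body)
    return 0 if status == 200 else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with no arguments to inspect the generated JSON, or pass the base URL (for example `python benchmark_client.py http://localhost:9090`) to submit it; swap the constructed sample for findings converted from your scanner's own report, keeping the same four keys per scan type.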

Documentation and Resources

OWASP VulnerableApp emphasizes automation, reproducibility, and continuous evolution in security testing. Whether used for education or for professional scanner evaluation, it provides a stable, known-answer target against which security tools can be assessed and compared.

