Web Security Dojo – Training Environment For Web Application Security

Your website & network are Hackable

Web Security Dojo is a free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo

Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v9.10.


The Web Security Dojo is for learning and practicing web app security testing techniques. It is ideal for training classes and conferences since it does not need a network connection. The Dojo contains everything needed to get started – tools, targets, and documentation.

Web Security Dojo currently contains:

Targets –

  • OWASP’s WebGoat v5.2
  • Damn Vulnerable Web App v1.0.6
  • Hacme Casino v1.0
  • OWASP InsecureWebApp v1.0
  • Simple training targets by Maven Security (including REST and JSON)

Tools –

  • Burp Suite (free version) v1.3
  • w3af cvs version
  • OWASP Skavengerv0.6.2a
  • OWASP Dirbuster v1.0 RC1
  • Paros v3.2.13
  • Webscarab v20070504-1631
  • Ratproxy v1.57-beta
  • sqlmap v0.7
  • Helpful Firefox add-ons

You can download Web Security Dojo here:

VMWare image – dojo_v1.0-vmware.zip
VirtualBox image – dojo_v1.0-virtualbox.zip

Or read more here.

Posted in: Hacking Tools, Web Hacking

, , , , , , , , , , , ,

Recent in Hacking Tools:
- MANA Toolkit – Rogue Access Point (evilAP) And MiTM Attack Tool
- BBQSQL – Blind SQL Injection Framework
- DET – Data Exfiltration Toolkit

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,991,947 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,476,661 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 686,948 views

Get protected with Sucuri

Comments are closed.