Bricks, a deliberately vulnerable web application built on PHP & MySQL focuses on variations of commonly seen application security vulnerabilities & exploits, which can be exploited using tools (Mantra & ZAP). The mission is to ‘break the bricks’.
- Demonstrate maximum variations of most common vulnerabilities
- Help people to learn the need of secure codding practices and SSDLC
- Attract people to design more bricks
- Become a test bed for analyzing the performance of web application security scanners.
- Help people learn the manual method of testing the applications
- Demonstrate the possibilities of various security tools and techniques
- Become a platform to teach web application security in a class room/lab environment.
It’s a great way to learn the basics of web security, both from a developers perspective and from someone interesting in learning pen testing for web apps, if you want to check out more projects similar to Bricks, there a whole bunch here:
You can download Bricks here:
Or read more here.
- Rowhammer – DDR3 Exploit – What You Need To Know
- Santoku Linux – Mobile Forensics, Malware Analysis, and App Security Testing LiveCD
- Google Expands Pwnium Year Round With Infinite Bounty
- The Top 10 PHP Security Vulnerabilities from OWASP
- OWASP (Open Web Application Security Project) Testing Guide v3 Released
- Mutillidae – Vulnerable Web-Application To Learn Web Hacking
Most Read in Exploits/Vulnerabilities:
- Learn to use Metasploit – Tutorials, Docs & Videos - 229,589 views
- AJAX: Is your application secure enough? - 119,410 views
- eEye Launches 0-Day Exploit Tracker - 85,199 views