Bricks, a deliberately vulnerable web application built on PHP & MySQL focuses on variations of commonly seen application security vulnerabilities & exploits, which can be exploited using tools (Mantra & ZAP). The mission is to ‘break the bricks’.
- Demonstrate maximum variations of most common vulnerabilities
- Help people to learn the need of secure codding practices and SSDLC
- Attract people to design more bricks
- Become a test bed for analyzing the performance of web application security scanners.
- Help people learn the manual method of testing the applications
- Demonstrate the possibilities of various security tools and techniques
- Become a platform to teach web application security in a class room/lab environment.
It’s a great way to learn the basics of web security, both from a developers perspective and from someone interesting in learning pen testing for web apps, if you want to check out more projects similar to Bricks, there a whole bunch here:
You can download Bricks here:
Or read more here.