An extensible Vulnerable Application for testing the Vulnerability scanning tools
An extensible Vulnerable Application for testing the Vulnerability scanning tools Anyone working in the cyber security domain or starting with cyber security will be introduced to one or the other Vulnerable applications as their playground. These applications are used to understand each vulnerability and to learn about how to mitigate them. I was introduced to BWAPP(Buggy Web Application) and DVWA(Damn Vulnerable Web Application). The great thing about these applications(BWAPP and DVWA) is that they cover a lot of vulnerabilities from the OWASP list of vulnerabilities. However, whenever the Vulnerability Scanner Tool developer has a new requirement to add a new scan rule or to modify an existing scan rule, these existing vulnerability scanning applications will not be able to help. The existing vulnerable applications are not meeting the demands of developers of vulnerability scanning tools, the developers end up writing their own vulnerable applications to test their scanning tools