Skip to content

Commit

Permalink
Update README.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@santosomar
santosomar authored Sep 4, 2020
1 parent 729533d commit 36c2698
Showing 1 changed file with 4 additions and 6 deletions.
10 changes: 4 additions & 6 deletions web_application_testing/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,19 +10,17 @@ The following are a few popular tools that you learned in the video courses part
* [sqlmap](http://sqlmap.org/)
* [httrack](https://www.httrack.com/)
* [skipfish](https://code.google.com/archive/p/skipfish/)
* [nikto](https://cirt.net/Nikto2)
* [ffuf](https://github.com/ffuf/ffuf)

Article: [A Quick Guide to Using ffuf with Burp Suite](https://medium.com/@santosomar/a-quick-guide-to-using-ffuf-with-burp-suite-713492f62242)

## WebSploit

[WebSploit](https://websploit.h4cker.org/) is a virtual machine (VM) created by [Omar Santos](https://omarsantos.io) for different Cybersecurity Ethical Hacking (Web Penetration Testing) training sessions delivered at [DEFCON](https://www.wallofsheep.com/blogs/news/packet-hacking-village-workshops-at-def-con-26-finalized), [Live Training in Safari](https://www.safaribooksonline.com/search/?query=omar%20santos&extended_publisher_data=true&highlight=true&is_academic_institution_account=false&source=user&include_assessments=false&include_case_studies=true&include_courses=true&include_orioles=true&include_playlists=true&formats=live%20online%20training&sort=relevance), [video on demand LiveLessons](https://www.safaribooksonline.com/search/?query=omar%20santos&extended_publisher_data=true&highlight=true&is_academic_institution_account=false&source=user&include_assessments=false&include_case_studies=true&include_courses=true&include_orioles=true&include_playlists=true&formats=video&sort=relevance), and others.

The purpose of this VM is to have a lightweight (single VM) with a few web application penetration testing tools, as well as vulnerable applications.

The following are the vulnerable applications included in [WebSploit](https://websploit.h4cker.org/):
- Damn Vulnerable Web Application (DVWA)
- WebGoat
- Hackazon
- OWASP Juice Shop
- OWASP Mutillidae 2

## How to Integrate OWASP ZAP with Jenkins
You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin).
Expand Down

0 comments on commit 36c2698

Please sign in to comment.