File	Date	Author	Commit
dev-related	2019-09-03	Gionne Cannister	[acda8b] Adds additional cleanup and instructions to shr...
xss_cheat_sheet_2	2012-07-02	Steve Pinkham	[8612ae] Add rsnake xss cheatsheet beta 2
GettingStarted.html	2017-09-07	Steve Pinkham	[d3185c] Fix Getting Started html
GettingStarted.textile	2017-09-07	Steve Pinkham	[d3185c] Fix Getting Started html
README.html	2017-04-04	Steve Pinkham	[c28cbe] Update readme to claim 16.04 xubuntu
README.textile	2017-04-04	Steve Pinkham	[c28cbe] Update readme to claim 16.04 xubuntu
WASC_Threat_Classification_v1.desktop	2012-05-03	Steve Pinkham	[b47f07] Target modernization
WASC_Threat_Classification_v2.desktop	2010-04-07	Steve Pinkham	[be5d7a] Add WASC threat v2 and OWASP top 10 2010 RC1
description_for_vbox.txt	2012-07-26	Steve Pinkham	[2ea42a] New description for vbox for dojo 2 release
html5sec.desktop	2012-07-02	Steve Pinkham	[712e2c] Fix html5 cheatsheet menu item
owasp_testing_guide_v3.desktop	2012-05-03	Steve Pinkham	[c48756] Fix doc links
owasp_testing_guide_v4.desktop	2014-09-25	Steve Pinkham	[2b3cc8] Add OWASP testing guide v4
owasp_top_ten_2010.desktop	2012-05-03	Steve Pinkham	[c48756] Fix doc links
owasp_top_ten_2013.desktop	2017-04-04	Steve Pinkham	[3b5586] More doc fixes
rsnake_xss.desktop	2012-07-02	Steve Pinkham	[934d19] Add rsnake cheatsheet links

Read Me

<h1>Web Security Dojo</h1>
<p>An open source self-contained training environment for Web Application Security penetration testing.  <br />
Tools + Targets = Dojo</p>
<h3>What?</h3>
<p>Various web application security testing tools and vulnerable web applications were added to a clean install of xubuntu 16.04.  Build scripts are available in git at Sourceforge.</p>
<h3>Why?</h3>
<p>For learning and practicing web app security testing techniques.  It does not need a network connection since it contains both tools and targets.  Therefore, it is ideal for self-study, training classes, and conferences.  Also, this removes the possibility of remote attack on the targets, which are insecure by design.</p>
<h3>Where?</h3>
<p>See <a href="http://dojo.mavensecurity.com">http://dojo.mavensecurity.com</a> for more details and updates.</p>
<h3>Who?</h3>
<p>Sponsored by Maven Security Consulting.  Open source, so contributions, suggestions, and collaboration is welcome.</p>
<h1>Credits</h1>
<p>Thanks go out to:</p>
<p><a href="http://www.ubuntu.com">Ubuntu</a> for making a really nice Linux	<br />
Splash screen and desktop background based on <a href="http://commons.wikimedia.org/wiki/File:Kendoka,_Torino.jpg">work</a> by Flickr.com user &#8220;Lucio&#8221;<br />
<a href="http://www.owasp.org"><span class="caps">OWASP</span></a> for various tools and information, and leading the industry as an educational institution.<br />
PortSwigger for <a href="http://www.portswigger.net/suite/">Burp Suite</a>. Redistributed with permission <br />
ethicalhack3r for <a href="https://sourceforge.net/projects/dvwa/"><span class="caps">DVWA</span></a> <br />
Foundstone for <a href="https://sourceforge.net/scm/?type=cvs&amp;group_id=143089">Hacme Casino</a> <br />
lcamtuf for <a href="http://code.google.com/p/ratproxy/">Ratproxy</a><br />
Bernardo Damele A. G. and Daniele Bellucci for <a href="http://sqlmap.sourceforge.net/">sqlmap</a><br />
Matthias Rohr for <a href="http://www.owasp.org/index.php/Category:OWASP_Skavenger_Project">Skavenger</a><br />
Chris Sullo for <a href="http://code.google.com/p/davtest/">Davtest</a><br />
Bruce Leban, Mugdha Bendre, and Parisa Tabriz for <a href="http://google-gruyere.appspot.com/">Gruyere</a><br />
Lawrence Angrave for <a href="http://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project">insecure web app</a><br />
Ian de Villiers for <a href="http://www.sensepost.com/labs/tools/pentest/j-baah">J-Baah</a><br />
Yiannis Pavlosoglou and Nathan Sportsman for <a href="http://www.owasp.org/index.php/Category:OWASP_JBroFuzz#tab=Project_Details">jbrofuzz</a><br />
HD Moore and the metasploit team for <a href="http://www.metasploit.com/">metasploit</a><br />
Fortify Software, Inc for &#8220;<span class="caps">RATS</span>&#8221;: https://www.fortify.com/ssa-elements/threat-intelligence/rats.html<br />
lcamtuf for <a href="http://code.google.com/p/skipfish/">skipfish</a><br />
Andres Riancho and the <a href="http://w3af.sourceforge.net/">w3af project</a> for w3af and the w3af test environment<br />
Bruce Mayhew and the webgoat team for <a href="http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project">webgoat</a><br />
<span class="caps">GNUCITIZEN</span> for <a href="http://www.websecurify.com">websecurify</a><br />
Tasos Zapotek Laskos for &quot;Arachni:http://zapotek.github.com/arachni/<br />
Psiinon and the <span class="caps">ZAP</span> team for <a href="https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project"><span class="caps">OWASP</span> Zed Attack Proxy</a><br />
Andreas Schmidt for <a href="http://sourceforge.net/apps/mediawiki/watobo/index.php"><span class="caps">WATOBO</span></a><br />
Shay Chen for <a href="http://code.google.com/p/wavsep/"><span class="caps">WAVSEP</span></a><br />
BeEF developers for <a href="http://beefproject.com/">BeEF</a><br />
Many other open source/free software developers who have created great foundational tools</p>