February 9, 2008
If you develop applications for the web understanding the latest security exploits is crucial to securing your site. WebGoat by the Open Web Application Security Project is a great tool to test your knowledge. WebGoat is a J2ee application designed to deploy to Tomcat. The application contains numerous security holes and lessons dedicated to showing users (hands on) how to exploit them. I highly recommend WebGoat and enjoyed going through the lessons. You will need WebScarab for the advanced lessons.