I’ve completed the Web Goat tutorials. This is an excellent resource to introduce yourself to web vulnerabilities. It’s a stand alone vulnerable web application. A series of exercises are provided that walk you through the exploitation of these vulnerabilities.
The tutorials are backed with a strong list of solution videos.
I’m using the free version of Burp Suite to intercept browser traffic.
Just a couple of things of interest, in case you are new to the whole area of web vulnerabilities. I’m running Web Goat on Windows XP. If you are running Windows you will need to install Java on your machine. You will also need to include Java in your Windows PATH to start the Tomcat server that comes with Web Goat.
Also, for those looking for an introduction to web vulnerabilities. Here’s an excellent intro video to the area from the NY Poly Cryptocity site