OWASP Mutillidae II – Another Vulnerable Web-application

OWASP Mutillidae II is a free, open source, deliberately vulnerable web application that provides a target for web-security enthusiasts. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMPP. It is pre-installed on SamuraiWTF and OWASP BWA.

The existing version can be updated on these platforms. With dozens of vulnerabilities.


Some of the features included with this platform are:

  • Has over 40 vulnerabilities and challenges. Contains at least one vulnerability for each of the OWASP Top Ten 2007, 2010, 2013 and 2017
  • Actually Vulnerable (User not asked to enter “magic” statement)
  • Mutillidae can be installed on Linux or Windows *AMP stacks, making it easy for users who do not want to install or administer their own web server. Mutillidae is confirmed to work on XAMPP, WAMP, and LAMP.
  • Preinstalled on Rapid7 Metasploitable 2, Samurai Web Testing Framework (WTF), and OWASP Broken Web Apps (BWA)
  • System can be restored to default with a single click of the “Setup” button
  • User can switch between secure and insecure modes
  • Used in graduate security courses, in corporate web sec training courses, and as an “assess the assessor” target for vulnerability software
  • Updated frequently

You can read more and download this framework over here: https://github.com/webpwnized/mutillidae
