WebApp Sec mailing list archives
Hacme Casino v1.0
From: <alex.smolen () foundstone com>
Date: Thu, 24 Aug 2006 17:15:07 -0700
Announcing the new addition to the Hacme, Inc. series of Foundstone free tools, Hacme Casino!

Hacme Casino is an online casino, built with Ruby on Rails, with plenty of AJAX functionality. It has security vulnerabilities "baked-in", and is meant to help educate developers and testers about web application security in the context of new technologies. If you are interested in the security aspects of Ruby on Rails and AJAX, give Hacme Casino a try. It's a completely self-contained Ruby WEBrick server and Rails application in a simple exe.

Vulnerabilities:
- Blind SQL Injection
- Cross-Site Request Forgery
- Improper Session Management
- Good, old fashioned cheating!

Features:
- Multiple Users (Login and Register)
- Blackjack
- Video Poker
- Roulette (Coming Soon!)

http://www.foundstone.com/resources/proddesc/hacmecasino.htm

So go ahead, try your luck, see if you can break the bank at Hacme Casino!

Alex Smolen
Hacme Casino Author
Consultant, Foundstone Professional Services