The WebGoat Project has developed a free online tool used to test and uncover application flaws that might otherwise go unnoticed. In this episode of OWASP 24/7, we talk with two of the WebGoat team members, Rick Lawson and Jason White, about how WebGoat is being used and future plans.
More about WebGoat
WebGoat for J2EE is written in Java and therefore installs on any platform with a Java virtual machine. There are installation programs for Linux, OS X Tiger and Windows. Once deployed, the user can go through the lessons and track their progress with the scorecard