- Bricks is a deliberately vulnerable web application built on PHP and MySQL.
- The project focuses on variations of commonly seen application security vulnerabilities and exploits.
- Each ‘brick’ has some sort of vulnerability which can be exploited using tools (Mantra and ZAP).
- The mission is to ‘break the bricks’ and thus learn the various aspects of web application security.
|1||Log in page #1||bricks/login-1/||Text, Video|
|2||File upload page #1||bricks/upload-1/||Text, Video|
|3||Content page #1||bricks/content-1/||Text, Video|
|4||Log in page #2||bricks/login-2/||Text, Video|
|5||Content page #2||bricks/content-2/||Open for public to break.|
- Demonstrate maximum variations of most common vulnerabilities
- Help people to learn the need of secure codding practices and SSDLC
- Attract people to design more bricks
- Become a test bed for analyzing the performance of web application security scanners.
- Help people learn the manual method of testing the applications
- Demonstrate the possibilities of various security tools and techniques
- Become a platform to teach web application security in a class room/lab environment.