Web Security Dojo is a turnkey web application security lab with tools, targets, and training materials built into a Virtual Machine(VM). It is ideal for both self-instruction and training classes since everything is pre-configured and no external network connection is needed. All tools and targets are configured to use non-conflicting ports and a Firefox proxy switcher is set up to match.
Web Security Dojo is an open source project built on Ubuntu and hosted at SourceForge. It is available in three flavors: a Virtualbox VM, VMWare VM, and a build script which can be used on a standard Ubuntu 9.10 install to produce the Dojo. Collaboration and contributions are welcomed.
Looks pretty promising, I will be checking this out and writing more (as usual, when my “relaxed” schedule allows me to) later. But this looks like one of those training tools that I wished existed far earlier: a full environment with the targets and tools to let you learn and train your web application security kung-fu.
So what’re you waiting for ?! Go grab a copy and try it out! Unless you really really want to see a review from me first. Heeeyyaaaahhhh!!