
Web Application Exploits and Defenses - boredgamer2
http://google-gruyere.appspot.com/
======
Grimm1
This is something I went through several years ago before the college lab I
was a part of put together our own curriculum its a pretty good primer IMO

------
29athrowaway
Is it similar to OWASP WebGoat?

[https://owasp.org/www-project-webgoat/](https://owasp.org/www-project-
webgoat/)

------
vz8
Malwarebytes endpoint protection blocked me from visiting on suspicion that
the site contains a Trojan.

------
yodon
Are there other courses laid out like this? This looks fascinating!

~~~
Thorrez
[https://xss-game.appspot.com/](https://xss-game.appspot.com/) (this has a lot
of overlap with gruyere)

[https://github.com/cure53/XSSChallengeWiki/wiki](https://github.com/cure53/XSSChallengeWiki/wiki)

[https://sites.google.com/site/infosecrocks/](https://sites.google.com/site/infosecrocks/)
(this links to some of the other stuff I mentioned)

[https://www.hacking-lab.com](https://www.hacking-lab.com)

There's also these 2 advanced XSS challenges:

[https://alf.nu/alert1](https://alf.nu/alert1)

[https://prompt.ml/0](https://prompt.ml/0)

I'm not sure if they're still functional, I think some of their solutions
require functionality that browsers have since changed.

You might also want to check out the Youtube channel Live Overflow:

[https://www.youtube.com/channel/UClcE-
kVhqyiHCcjYwcpfj9w](https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w)

~~~
uzakov
Another web and mobile application security training platform:
[https://github.com/OWASP/SecurityShepherd](https://github.com/OWASP/SecurityShepherd)

------
Leherenn
As a pedantic note, Gruyere does not have holes. Emmentaler is probably the
one people are thinking of.

~~~
andimm
appartently the french Gruyère has small holes. who knew...

[https://de.wikipedia.org/wiki/Gruy%C3%A8re_(K%C3%A4se)](https://de.wikipedia.org/wiki/Gruy%C3%A8re_\(K%C3%A4se\))

