+ Reply to Thread
Results 1 to 6 of 6
  1. Surf Guitar Guy tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    509

    Certifications
    SSCP, Security+ +4
    #1

    Default Anybody use bWAPP?

    I just discovered bWAPP and installed Bee-Box to run on Oracle VirtualBox. I found a couple of great tutorials:

    Install it on VirtualBox: https://www.youtube.com/watch?v=syBbcK9PrA0

    Bucky Roberts' Burp Suite training using bWAPP: https://www.youtube.com/watch?v=hQsT...eC435tU3_1YGzV

    All of Bucky's tutorials are great, as far as I'm concerned. In this one, Bucky teaches Burp Suite and uses bWAPP as a target.

    If you've used bWAPP/Bee-Box, how do you like it compared with other intentionally vulnerable systems?

    It took me awhile to get the keyboard layout right. Seems the default is a European keyboard. But also, I'm having trouble getting the screen resolution down to something easier to work with. The best I've been able to get is everything full size, like a system configuration popup takes up the full screen. I'll keep looking for ways to adjust the screen resolution. If you have any suggestions, I'd love to hear them.

    Also, is there a way to get it to display on two screens?

    Thanks!

    Update: I installed bWAPP on Kali Linux thanks to this tutorial: https://www.youtube.com/watch?v=XDCZ8FC856s
    Last edited by tedjames; 10-01-2017 at 06:28 PM.
    Reply With Quote Quote  

  2. SS -->
  3. Surf Guitar Guy tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    509

    Certifications
    SSCP, Security+ +4
    #2
    I guess I'm the lone ranger. So far, it's been great. I've been using it to learn Burp Suite and will run other tools against it eventually.

    Forget that YouTube link. Apparently, this guess has reposted Bucky's videos, and they are incomplete. Instead, you can get the entire Burp/bWAPP course here: https://thenewboston.com/
    Reply With Quote Quote  

  4. Member
    Join Date
    Nov 2011
    Location
    UK
    Posts
    49
    #3
    That is seriously freaky, i have been looking a bee-box over the last few days.

    From what i have tried it hasn't been too bad. I am going to try DVWA and Mulltidae next I think.

    Cheers
    Chard
    Reply With Quote Quote  

  5. Senior Member xxxkaliboyxxx's Avatar
    Join Date
    Dec 2013
    Location
    Cyber, USA
    Posts
    427

    Certifications
    GCIH, C|EH, Sec+, eJPT, SCCC
    #4
    I use Bwapp, along with DVWA, metaspolitalbe, WebGoat and vulnhub VMs. They are all really nice to attack in your VM labs.
    Studying: GPEN
    Reading
    : SANS SEC560
    Upcoming Exam: GPEN
    Reply With Quote Quote  

  6. Surf Guitar Guy tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    509

    Certifications
    SSCP, Security+ +4
    #5
    Here are some more:
    https://www.checkmarx.com/2015/04/16/15-vulnerable-sites-to-legally-practice-your-hacking-skills/

    https://www.checkmarx.com/2015/11/06...nfosec-skills/

    That's a mess o' vulnerabilities! I'm hoping to get more into some of these as I go.

    Chard posted this in another area. Looks great: https://pentest.training/

    Last edited by tedjames; 10-07-2017 at 04:09 AM.
    Reply With Quote Quote  

  7. Surf Guitar Guy tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    509

    Certifications
    SSCP, Security+ +4
    #6
    This is odd. When I try to go to any of the SQL Injection vulnerabilities, I get a blank screen. Every other type works.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks