WAVSEP is vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners.
The project builds with maven:
mvn install
You can run the project on a local Jetty server using the Jetty Maven plugin:
mvn jetty:run
To build the docker image, after the maven build, simply:
docker build -t wavsep .
docker build -t wavsepdb -f Dockerfile.mysql .
To launch the docker image with embedded tomcat server:
docker run -p 8080:8098 wavsep
WAVSEP - The Web Application Vulnerability Scanner Evaluation Project.
Copyright (C) 2014, Shay Chen. Docker, maven, jetty integration, Copyright (C) 2022, Arthur Taylor
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses.