Introduction to Stanford SecuriBench
Stanford SecuriBench is a set of open-source, real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java.
These applications suffer from a variety of vulnerabilities, including:
- SQL injection attacks
- Cross-site scripting attacks
- HTTP splitting attacks
- Path traversal attacks
We collected these applications in the process of working on static error detection tools for security. We are releasing these applications with the hope of fostering collaboration between academic and industrial researchers working in the area of application security.