Introduction to Stanford SecuriBench

Stanford SecuriBench is a set of open source real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java.

These applications suffer from a variety of vulnerabilities including

and potentially many others. All the benchmarks are Java J2EE applications that can be run on a Web server.

We collected these applications in the process of working on static error detection tools for security. We are releasing these applications with the hope of fostering collaboration between academic and industrial researches working in the area of application security.


Last modified on 12/21/05. [Home]