nerdexam
Exams312-50V9Questions#418
EC-Council

312-50V9 · Question #418

312-50V9 Question #418: Real Exam Question with Answer & Explanation

The correct answer is B: WebGoat. WebGoat is the official OWASP project that provides a deliberately insecure web application used to practice and teach common web vulnerabilities in a safe environment.

Question

Which Open Web Application Security Project (OWASP) implements a web application full of known vulnerabilities?

Options

  • AWebBugs
  • BWebGoat
  • CVULN_HTML
  • DWebScarab

Explanation

WebGoat is the official OWASP project that provides a deliberately insecure web application used to practice and teach common web vulnerabilities in a safe environment.

Common mistakes.

  • A. WebBugs refers to small invisible tracking images historically used for surveillance in email and web pages - it is not an OWASP project or a vulnerable training application.
  • C. VULN_HTML is not a recognized OWASP project or standard tool name; it does not exist as a real vulnerability training application.
  • D. WebScarab was an OWASP tool that functioned as an HTTP/HTTPS proxy for intercepting and analyzing web traffic - it is a testing proxy, not a vulnerable target application.

Concept tested. OWASP WebGoat intentionally vulnerable application

Reference. https://owasp.org/www-project-webgoat/

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V9 Practice