We are really excited to announce that SamuraiWTF 3.2 is now available publicly. This release is available at http://sourceforge.net/projects/samurai/ immediately and we hope you enjoy it.
In this release we have updated a number of tools, addressed bug issues, and improved the target environments to better suit a training environment. We have also updated the Zed Attack Proxy(ZAProxy) to version 2.4.0. This particular version introduces new feature sets such as advanced fuzzing, attack mode, and advanced scanning options that increases the ease of use for common feature sets. To get a more complete list of ZAProxy’s updated and newly released features, please view the documentation. In addition, we have added the SQuirreL Database Client for further exploration and training with this project.
If you are just getting into Web App Penetration Testing, keep a look out for our upcoming classes. The next one is in Austin, TX( details and registration here)! This class will walk you through the SamuraiWTF environment, tools and testing methodology. This is a unique opportunity to sit down and learn from some of the best around; and we have a rockin’ scavenger-hunt style CTF to test your new skills and get invaluable hands on training!
In future releases, we planning to expand our list of vulnerable apps to provide a more robust training environment. As always, we look forward to working with the entire community so if there is something that you would like to see added to Samurai WTF, feel free to reach out and let us know.
Marc Holloway is a Security Consultant with Secure Ideas. If you are in need of a penetration test or other security consulting services you can contact him at marc@secureideas.com, on Twitter @hackwhosnacks, or visit the Secure Ideas – ProfessionallyEvil site for services provided.