NOWASP – Multillidae: Test Your Hackers Skills!

Wanted to test your skills in penetration testing and ethical hacking? Download NOWASP (Multillidae), Web penetration testing practice application! NOWASP (Mutillidae) is an open source web application (free) that can be used by penetration testers practitioners and ethicals hackers in testing their skills in web application pentesting and exploit finding.

Download NOWASP – Multillidae: Web Application Penetration Testing!

The NOWASP (Multillidae) can be installed on either Windows and Linux. It can be installed Windows XP and Windows 7 machines by using XAMMP, which makes it easier for Windows users to deploy Apache and PHP in their machines and administer a webserver. Note that NOWASP (Mutillidae) us already installed on Samurai WTF and Rapid7 Metasploitable-2.

Read this how to install Multillidae on XAMPP guide.

NOWASP Mutillidae Web Pen Test Practice Application

So why use Mutillidae in penetration testing practice? NOWASP contains dozens of vulnerabilities, as well as giving out hints to help user. It also provides an easy to use web hacking environment where you can setup. The environment itself is designed to be used as a lab for security enthusiast like penetration testers and ethical hackers.

NOWASP – Multillidae Features:

  • Can be installed on Linux, Windows XP, and Windows 7 using XAMMP
  • Easily installs by dropping project files into the “htdocs” folder of XAMPP.
  • Already preinstalled on Rapid7 Metasploitable 2
  • Already preinstalled on Samurai Web Testing Framework (WTF)
  • Contains dozen of vulnerablities and challenges
  • System itself can be restored to default with only one click using the “Setup” button
  • Can switch between secure and insecure mode
  • The source code files both secure and insecure source code are stored in the same PHP file for easy comparison
  • Already being used in graduate security courses, in corporate web security training courses, and as an “assess the assessor” target for vulnerability software
  • Already contains 2 levels of hints to help users get started
  • Instructional Videos can be seen on:
  • Has its updates tweeted to @webpwnized
  • NOWASP Mutillidae has been tested/attacked with Cenzic Hailstorm ARC, W3AF, SQLMAP, Samurai WTF, Backtrack, HP Web Inspect, Burp-Suite, NetSparker Community Edition, and other penetration testing tools.

Download the latest Mutillidae version here.