Setup a AltoroJ environment for Practicing Web Application Security (w/ Ubuntu18, JDK8, Tomcat7)
What is AltoroJ? AltoroJ is a sample banking J2EE web application built by IBM AppSec team. It shows what happens when web applications are written with consideration of app functionality but not app security. It is open-sourced, so everyone could download it to learn security issues & get a flavor of how to build a penetration testing lab : ) AltoroJ uses standard Java & JSP as its programming languages and it doesn't rely on additional frameworks which make people easier to understand the program directly. AltoroJ currently, being used to demonstrate application security vulnerabilities, educate people on how easy some of these issues could be exploited and how severe the impact may be. *Github Project link: https://github.com/AppSecDev/AltoroJ/ *You could also enjoy the online version without suffering from installing the environment by http://altoromutual.com:8080/ . Steps to setup AltoroJ for our test environment & development: 1. Get