This post is continuation from previous post. We explore less common, however, still potentially very dangerous OWASP Top 10 threats. Here we go through 6th to 10th places in the list.
OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast. It features many vulnerabilities and challenges. Contains at least one vulnerability for each of the OWASP Top Ten.
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.