The last time Hackerfall tried to access this page, it returned a not found error. A cached version of the page is below, or click here to continue anyway


Ever met a myotonic goat?

Perhaps not, but youve likely heard of fainting goats. That is, goats believed to possess a specific genetic disorder, a problem in their code if you will.

When these particular goats are startled, a rotten bit code in their DNA causes them to instinctively stiffen their legs. This leads to them falling over near instantly, or at the very least, carrying on a stiff-legged shuffle around the farm.

In a mix of both sadness and intense laughter, watching a goat nearly, though quite literally, be scared to death can be enlightening. Interestingly enough, it turns out this laughing stock of the barnyard is also a great metaphor for applications with their own bad code. While scientists continue to study just whats going wrong in a myotonic goats code, you can now do the same, metaphorically speaking of course.

Meet Hack, the WebGoat!

A deliberately insecure application that allows interested developers just like you to test vulnerabilities commonly found in Java-based applications that use common and popular open source components.

Now, while we in no way condone causing intentional harm to any animal, goat or otherwise, we think learning everything you can about security vulnerabilities is essential to understanding just what happens when even a small bit of unintended code gets into your applications.

What better way to do that than with your very own scapegoat?

Feel free to do what you will with Hack. Poke, prod and if it makes you feel better, scare him until your hearts content. Go ahead, and Hack the goat. We promise he likes it.

- The WebGoat Team

P.S. We'd love to hear your thoughts. Be sure to take our short survey.

Maintained by WebGoat

Continue reading on