The presentation will include a demonstration of some of the realistic, vulnerable web applications within the Open Web Application Security Project (OWASP) Broken Web Application (BWA) project, including applications written in PERL, PHP and Rails. The presentation will demonstrate the many benefits of such vulnerable applications including: Testing web application scanners (people) Testing web application scanners (products) Testing source code analysis tools Examining code that allows the vulnerabilitie Testing web application firewalls