Jarlsberg Tool shows 'how to exploit & protect web application vulnerabilities' by Google Labs and Google Code University

“To help employees to have a firm understanding of the threats Google services face, as well as how to help protect against those threats, Google released ‘Jarlsberg,’ a small yet full-featured microblogging application to teach about security. More specifically, it’s a tool to show how to exploit web applications and, in turn, protect against those exploits when developing software. Jarlsberg is the software component of ‘Web Application Exploits and Defenses’ codelab being released on Google Labs in coordination with Google Code University. Codelab walks participants through a number of common web app vulnerability types and demos how an attacker could exploit vulnerabilities, that include: cross-site scripting (XSS), cross-site request forgery (XSRF) and cross-site script inclusion (XSSI), as well as client-state manipulation, path traversal and AJAX and configuration vulnerabilities. It also shows how simple bugs can lead to information disclosure, denial-of-service and remote code execution,” explains Google. To get started:

Refer: instructor's guide | Google Code University

[Source]