One could used interecepting proxy for education purposes i.e., performing penetration testing on web applications. WebScarab is an excellent web-based tool for penetration testing and related security experimentations.
Also, one could tweak vulnerable applications here (link)
For Microsoft Outlook Web App 2010. The Exchange 2010 Security Guides(http://technet.microsoft.com/en-us/library/aa996775.aspx
ReplyDelete). It is helpful and provide good configuration settings for IIS 7.5 (Web Server Footprint, Web site OWA Isolation)