vulnerable-application

There are 46 repositories under vulnerable-application topic.

  • vapi

    roottusk/vapi

    vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

    Language:HTML1.2k1927300

  • rewanthtammana/Damn-Vulnerable-Bank

    Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

    Language:Java6361910178

  • oversecured/ovaa

    Oversecured Vulnerable Android App

    Language:Java63464155

  • SasanLabs/VulnerableApp

    OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

    Language:Java29010180382

  • logicalhacking/DVHMA

    Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.

    Language:JavaScript25714166

  • oversecured/OversecuredVulnerableiOSApp

    Oversecured Vulnerable iOS App

    Language:Swift2098143

  • incredibleindishell/sqlite-lab

    This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

    Language:PHP16016033

  • HTBridge/pivaa

    Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.

    Language:Java1055263
  • vucsa

    Warxim/vucsa

    Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.

    Language:Java957128
  • Vuldroid

    jaiswalakshansh/Vuldroid

    Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code

    Language:Java623117

  • JOSHUAJEBARAJ/GCP-GOAT

    GCP GOAT is the vulnerable application for learn the GCP Security

    Language:TypeScript611125

  • SasanLabs/VulnerableApp-facade

    VulnerableApp-facade is probably most modern lightweight distributed farm of Vulnerable Applications built for handling wide range of vulnerabilities across tech stacks.

    Language:TypeScript4543948
  • VulnerableLightApp

    Aif4thah/VulnerableLightApp

    Vulnerable API for educational purposes

    Language:C#252024

  • arall/vulnerabilities

    Examples of different vulnerabilities, in a variety of languages, shapes and sizes.

    Language:HTML252016

  • codingo/cracknet

    A .net Crackme Challenge made for the SecTalks Brisbane 2017 Capture the Flag Event. Writeup/solution included.

    Language:C#2010012

  • SVelizDonoso/wingkalabs

    Wingkalabs (Linux) Wingkalabs es una máquina Virtual Linux intencionalmente vulnerable. Esta máquina virtual se puede utilizar para realizar entrenamientos de seguridad, probar herramientas de seguridad y practicar técnicas comunes de pruebas de penetración.

    20206

  • sec4you/VulnLabs

    docker-compose bringing up multiple vulnerable applications inside containers.

    18202

  • OWASP/www-project-vulnerable-flask-app

    OWASP Foundation Web Respository

    Language:HTML13719

  • appsecco/owasp-webgoat-dot-net-docker

    Docker container for running OWASP WebGoat.NET application

    114011

  • qwqoro/Mail-Injection

    📧 [Research] E-Mail Injection: Vulnerable applications

    Language:HTML11201
  • vfapi

    naryal2580/vfapi

    Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021

    Language:Python91010

  • lobuhi/lobuhi.github.io

    Rebujito is a fork of IppSec.Rocks and serves as a repo for hacking tools and other resources such as vulnerable apps, cheatsheets or methodologies.

    Language:JavaScript8001
  • vvmlist.github.io

    vvmlist/vvmlist.github.io

    vvmlist is a list of vulnerable virtual machines with their attributes.

    Language:HTML8203

  • UsagiB4/Vulnerable-Machines-for-Pentesting-and-Hacking

    This is a collection of vulnerable machines that can help you to learn hacking, pentesting and bug hunting. I know there are a lot of lists out there, but most of them are not updated regularly. So I decided to make on myself. Hope this will help you

    7102

  • michealkeines/Vulnerable-API

    The Vulnerable API Python Application is a purposely flawed Python app that uses Flask, Jinja, and SQLite3. It contains intentional security vulnerabilities like XSS, SQLi, HHI, LFI, RFI, and SSTI. The project aims to serve as an educational tool to learn about and test automated API scanners. Use responsibly in controlled environments only.

    Language:Python6106

  • videvelopers/Vulnerable-Flask-App

    This is a vulnerable Flask web application designed to provide a lab environment for people who want to improve their web penetration testing skills. It includes multiple types of vulnerabilities for you to practice exploiting.

    Language:Python50010

  • yusufarbc/DockerVuln

    A TUI enviorment for vulnerable app containers.

    Language:Shell4102

  • logicalhacking/DVGM

    Vulnerable Grade Management System

    Language:Ruby3307

  • mleblebici/Vulnerable-Cassandra-App

    testcases developed for research

    Language:HTML3100

  • anir0y/vwa_docker

    vulnerable web application

    Language:PHP2202

  • irvinlim/vulnerability-testbeds

    Bootstrap various intentionally vulnerable web apps with Docker Compose

    2212

  • sec-zone/vuln_app

    Another vulnerable application for practicing web penetration testing.

    Language:Python2104

  • th3r4ven/XSS-WEB-APP

    Language:Python2103

  • digilant-demo/Vulnerable-Web-Application

    OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber

    Language:PHP1002

  • dr34mhacks/operation-file-hunt

    A vulnerable lab for understanding difference between LFI and File Retrieval

    Language:PHP1101

  • m3ssap0/cacti-rce-cve-2022-46169-vulnerable-application

    WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2022-46169). Run it at your own risk!

    Language:PHP1102