Pinned Repositories
awesome-vulnerable
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
dvpwa
Damn Vulnerable Python Web App
govwa
javaspringvulny
javaspringvulny - a Spring Boot web application built wrong on purpose
nodejs-goof
Super vulnerable todo list application
vuln_node_express
vulnerable-react-app
A purposefully vulnerable application built with React (frontend) and Java Spring (backend) to be used for benchmarking DAST tools and their effectiveness against Single Page Applications (SPAs)
VulnerableCoreApp
Vulnerable ASP.NET Core 2.0 App
VulnLab
vulnerable-apps's Repositories
vulnerable-apps/vulnerable-react-app
A purposefully vulnerable application built with React (frontend) and Java Spring (backend) to be used for benchmarking DAST tools and their effectiveness against Single Page Applications (SPAs)
vulnerable-apps/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
vulnerable-apps/nodejs-goof
Super vulnerable todo list application
vulnerable-apps/vm-vulnlab
Free and open-source cross-platform web-focused security training environment
vulnerable-apps/vulhub-tmp-public
vulnerable-apps/crAPI-1
completely ridiculous API (crAPI)
vulnerable-apps/dvcsharp-api
Damn Vulnerable C# Application (API)
vulnerable-apps/intentionally-vulnerable-golang-project
Vulnerable Golang App by Sonatype Nexus
vulnerable-apps/javaspringvulny
javaspringvulny - a Spring Boot web application built wrong on purpose
vulnerable-apps/railsgoat
A vulnerable version of Rails that follows the OWASP Top 10
vulnerable-apps/vulnado
Purposely vulnerable Java application to help lead secure coding workshops
vulnerable-apps/wrongsecrets
Examples with how to not use secrets
vulnerable-apps/AltoroJ
WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.
vulnerable-apps/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
vulnerable-apps/brokencrystals
A Broken Application - Very Vulnerable!
vulnerable-apps/crAPI
completely ridiculous API (crAPI)
vulnerable-apps/dependency-files-only
Test data to verify the accuracy of searching for dependency files
vulnerable-apps/dvja
Damn Vulnerable Java (EE) Application
vulnerable-apps/dvna
Damn Vulnerable NodeJS Application
vulnerable-apps/grpc-web-playground
The main goal of this repo is to learn about the gRPC communication patterns and hunt for vulnerabilities in the gRPC-Web app to improve your hunting skills
vulnerable-apps/pygoat
intentionally vuln web Application Security in django
vulnerable-apps/railsgoat-cicd-lab
CI/CD lab demonstrating static and dynamic security analysis of RailsGoat app
vulnerable-apps/SecurityShepherd
Web and mobile application security training platform
vulnerable-apps/VAmPI
Vulnerable REST API with OWASP top 10 vulnerabilities for APIs
vulnerable-apps/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
vulnerable-apps/vuln_django_play
🐛 An intentionally vulnerable Django app
vulnerable-apps/Vulnerable-JWT
Collection of vulnerable APIs/apps to test JWT attacks
vulnerable-apps/VulnerableApp
OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
vulnerable-apps/WidgetSender
Intentionally Vulnerable Demo App: .NET MVC, WCF, WebAPI, Web Forms
vulnerable-apps/xss-fastapi
Recreation of https://xss-game.appspot.com/