vulnerable-apps Goto Github PK

0l4bs

Cross-site scripting labs for web application security enthusiasts

altoroj

WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.

androgoat

AndroGoat

apisandbox

Pre-Built Vulnerable Multiple API Scenarios Environments Based on Docker-Compose.

authlab

A lab to play with authentication and authorisation problems

awesome-vulnerable

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

awsgoat

AWSGoat : A Damn Vulnerable AWS Infrastructure

bodgeit

The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.

brokenaccesscontrol

This is an overly simple example of an ASP.NET WebForms 4.7 application with the OWASP 2017 A5: Broken Access Control Vulnerability

brokencrystals

A Broken Application - Very Vulnerable!

bwa_cyclone_transfers

crapi

completely ridiculous API (crAPI)

crapi-1

completely ridiculous API (crAPI)

cvwa

Conviso Vulnerable Web Application is the OSS project from the Conviso Application Security for the community. The project represents a vulnerable web application to practice security testing and improve your learning in AppSec..

damn-vulnerable-graphql-application

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

damn-vulnerable-stateful-web-app

Short and simple vulnerable PHP web application that naïve scanners found to be perfectly safe

damnvulnerablemicroservices

This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)

demo.testfire.net

WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.

dependency-files-only

Test data to verify the accuracy of searching for dependency files

diwa

A Deliberately Insecure Web Application

django-rev-shell

A simple django app to provide a reverse shell when deployed and invoked.

django.nv

Vulnerable Django Application

djangogoat

An intentionally vulnerable django app, to help django developers learn security testing

dsvw

Damn Small Vulnerable Web

dvca

Damn Vulnerable Cloud Application

dvcsharp-api

Damn Vulnerable C# Application (API)

dvfaas-damn-vulnerable-functions-as-a-service

Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities

dvja

Damn Vulnerable Java (EE) Application

dvna

Damn Vulnerable NodeJS Application

dvpwa

Damn Vulnerable Python Web App