A deliberately vulnerable web application for learning web application security.
☆149Apr 28, 2025Updated 10 months ago
Alternatives and similar repositories for OWASPWebGoatPHP
Users that are interested in OWASPWebGoatPHP are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. G…☆27Sep 25, 2012Updated 13 years ago
- OWASP WebGoat.NET☆73Aug 20, 2015Updated 10 years ago
- OWASP Findings Format☆19Mar 4, 2021Updated 5 years ago
- OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS☆449Dec 29, 2025Updated 2 months ago
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆884Mar 2, 2026Updated 3 weeks ago
- Vulnerable web site. Used to test sentinel features.☆11Nov 18, 2016Updated 9 years ago
- OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber☆406Jul 10, 2024Updated last year
- The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Nod…☆2,021Jun 15, 2024Updated last year
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner☆12Apr 22, 2018Updated 7 years ago
- Simple mind maps for IoT security attack surfaces and methodologies☆17Aug 12, 2019Updated 6 years ago
- Vulnerable Python Application To Learn Secure Development☆127May 31, 2024Updated last year
- OWASP iGoat - A Learning Tool for iOS App Pentesting and Security by Swaroop Yermalkar☆455Jan 5, 2023Updated 3 years ago
- Securibench Micro is a benchmark for static analysis tools for security.☆26Jul 26, 2018Updated 7 years ago
- GitHub Advanced Security C# Demo Application☆17Aug 8, 2024Updated last year
- *This project is no longer maintained* OWASP GoatDroid is a fully functional and self-contained training environment for educating develo…☆254Jul 29, 2014Updated 11 years ago
- Encoder, Decoder, Converter, Calculator, TU WAS DU WILLST .. for various codings used in the wild wide web☆41Jul 3, 2024Updated last year
- Priv8 Tools Offensive Security WordPress_AutoExploiter☆28Apr 17, 2022Updated 3 years ago
- A vulnerable LDAP based web app written in Golang☆83Oct 31, 2023Updated 2 years ago
- Proof of concept that uses cosign and GitHub's in built OIDC for actions to sign container images, providing a proof that what is in the …☆14Jan 31, 2023Updated 3 years ago
- ☆11Mar 19, 2022Updated 4 years ago
- Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.14 - Unauthenticated SQL Injection☆20Sep 15, 2024Updated last year
- flask-webgoat is a deliberately-vulnerable application written with the Flask web framework.☆19Sep 5, 2025Updated 6 months ago
- LAPSE+ is a security scanner, based on the white box analysis of code for detecting vulnerabilities in Java EE Applications.☆27Feb 2, 2018Updated 8 years ago
- Web and mobile application security training platform☆1,428Mar 16, 2026Updated last week
- an extremely buggy web app !☆46Dec 5, 2016Updated 9 years ago
- A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.☆25Mar 11, 2024Updated 2 years ago
- OWASP Passfault evaluates passwords and enforces password policy in a completely different way.☆177Feb 23, 2021Updated 5 years ago
- OWASp PureCaptcha project☆25Dec 15, 2019Updated 6 years ago
- miscellaneous stuff☆21Mar 31, 2015Updated 10 years ago
- Penetration Testing with Kali Linux☆22Oct 18, 2019Updated 6 years ago
- The OWASP Developer Guide☆2,149Updated this week
- Examples of vulnerable PHP code☆12Feb 15, 2024Updated 2 years ago
- Vulnerable Bank Web Application for Cyber Security Course☆13Dec 11, 2022Updated 3 years ago
- ☆14Aug 22, 2025Updated 7 months ago
- Run Capture the Flags and Security Trainings with OWASP WrongSecrets☆55Updated this week
- Website that takes a linkedin URL and generates a pretty HTML resume from it☆16Jun 23, 2016Updated 9 years ago
- OWASP WebScarab☆615Aug 13, 2021Updated 4 years ago
- Egressbuster is a method to check egress filtering and identify if ports are allowed. If they are, you can automatically spawn a shell.☆12Mar 14, 2018Updated 8 years ago
- Passive Web Vulnerability Detection Tool☆37May 5, 2025Updated 10 months ago