Alternatives and similar repositories for WebGoat

Users that are interested in WebGoat are comparing it to the libraries listed below

• OWASP / OWASP-Top-10
  OWASP Top Ten
  ☆48Updated 3 years ago
• WebGoat / WebGoat-Lessons
  7.x - The WebGoat STABLE lessons supplied by the WebGoat team.
  ☆156Updated 4 years ago
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 9 years ago
• dionach / HeadersAnalyzer
  Burp extension that checks for interesting and security headers
  ☆43Updated 4 years ago
• OWASP / OWASP-GoatDroid-Project
  OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. G…
  ☆26Updated 12 years ago
• PortSwigger / httpoxy-scanner
  A Burp Suite extension that checks for the HTTPoxy vulnerability.
  ☆96Updated 3 years ago
• zaproxy / zap-admin
  ZAP Admin
  ☆29Updated this week
• infoslack / docker-dvwa
  Docker image for DVWA(Damn Vulnerable Web Application)
  ☆101Updated 8 years ago
• rafaelrpinto / VulnerableJavaWebApplication
  A Java Web Application with common legacy security flaws for tests with Arachni Scanner and ModSecurity
  ☆21Updated 11 months ago
• zaproxy / zap-core-help
  The help files for the ZAP core
  ☆201Updated this week
• RUB-NDS / BurpSSOExtension
  An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
  ☆118Updated 4 years ago
• salesforce / AutoTriageBot
  AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.
  ☆56Updated 3 years ago
• PacktPublishing / Mastering-Modern-Web-Penetration-Testing
  Code repository for Mastering Modern Web Penetration Testing, published by Packt
  ☆72Updated 2 years ago
• Contrast-Security-OSS / jinfinity
  An API for consuming all the memory of Java apps using deserialization
  ☆28Updated 9 years ago
• OWASP / AppSec-Browser-Bundle
  The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre…
  ☆98Updated 11 years ago
• Matir / pwnableweb
  PwnableWeb is a suite of web applications for use in information security training.
  ☆87Updated 11 years ago
• iriusrisk / RopeyTasks
  Deliberately vulnerable web application
  ☆22Updated 8 years ago
• lorenzog / dns-parallel-prober
  PoC for an adaptive parallelised DNS prober
  ☆108Updated 2 years ago
• vulnersCom / burp-Dirbuster
  Dirbuster plugin for Burp Suite
  ☆71Updated 8 years ago
• OWASP / WebGoat.NET
  OWASP WebGoat.NET
  ☆70Updated 9 years ago
• securelayer7 / csv-injection-vulnerable-php-script-
  CSV injection Vulnerable Script.
  ☆29Updated 8 years ago
• incredibleindishell / Local-file-disclosure-SQL-Injection-Lab
  This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …
  ☆44Updated 8 years ago
• secdec / attack-surface-detector-zap
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆63Updated 2 years ago
• cameronhotchkies / Absinthe
  A Blind SQL Exploitation application
  ☆78Updated 12 years ago
• OWASP / sonarqube
  OWASP SonarQube Project
  ☆110Updated 5 years ago
• silentsignal / burp-image-size
  Image size issues plugin for Burp Suite
  ☆95Updated 7 years ago
• dsopas / rfd-checker
  RFD Checker - security CLI tool to test Reflected File Download issues
  ☆61Updated 6 years ago
• arvinddoraiswamy / mywebappscripts
  A collection of all the lists, scripts and techniques I use while doing web application penetration tests.
  ☆168Updated 9 years ago
• Nallium / Peerlyst
  A list of collected articles and resources from the website Peerlyst
  ☆17Updated 8 years ago
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago