Alternatives and similar repositories for WebGoat:

Users that are interested in WebGoat are comparing it to the libraries listed below

• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 8 years ago
• PortSwigger / httpoxy-scanner
  A Burp Suite extension that checks for the HTTPoxy vulnerability.
  ☆90Updated 3 years ago
• OWASP / OWASP-Top-10
  OWASP Top Ten
  ☆48Updated 3 years ago
• infoslack / docker-dvwa
  Docker image for DVWA(Damn Vulnerable Web Application)
  ☆100Updated 8 years ago
• OWASP / SSVL
  Simple Software Vulnerability Language (SSVL)
  ☆13Updated 9 years ago
• zaproxy / zap-core-help
  The help files for the ZAP core
  ☆201Updated this week
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago
• WebGoat / WebGoat-Lessons
  7.x - The WebGoat STABLE lessons supplied by the WebGoat team.
  ☆156Updated 4 years ago
• PacktPublishing / Mastering-Modern-Web-Penetration-Testing
  Code repository for Mastering Modern Web Penetration Testing, published by Packt
  ☆72Updated last year
• OWASP / AppSec-Browser-Bundle
  The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre…
  ☆93Updated 11 years ago
• g0tmi1k / boot2root-scripts
  Homemade scripts to-do various vulnerable challenges
  ☆75Updated 4 years ago
• OWASP / OWASP-GoatDroid-Project
  OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. G…
  ☆26Updated 12 years ago
• johndekroon / serializekiller
  Mass scanner for the Java serialize bug
  ☆151Updated 5 years ago
• rafaelrpinto / VulnerableJavaWebApplication
  A Java Web Application with common legacy security flaws for tests with Arachni Scanner and ModSecurity
  ☆21Updated 6 months ago
• mtesauro / owasp-wte
  Home of the developement for OWASP WTE - the Web Testing Environment, a collection of pre-packaged Linux AppSec tools, apps and documenta…
  ☆106Updated 2 years ago
• cameronhotchkies / Absinthe
  A Blind SQL Exploitation application
  ☆79Updated 12 years ago
• OWASP / WebGoat.NET
  OWASP WebGoat.NET
  ☆69Updated 9 years ago
• OWASP / OWASPBugBounty
  This is a container of web applications that work with OWASP Bug Bounty for Projects
  ☆32Updated last year
• SpiderLabs / CryptOMG
  CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
  ☆193Updated 9 years ago
• Hamza-Megahed / CTFs
  Walkthrough some CTFs
  ☆49Updated 4 years ago
• dionach / HeadersAnalyzer
  Burp extension that checks for interesting and security headers
  ☆43Updated 4 years ago
• hackthelegacy / hack400tool
  hack400tool
  ☆97Updated 7 years ago
• siberas / watobo
  ☆88Updated 2 months ago
• Rossmairm / PenTools
  This is a bundle of python and bash penetration testing tools for recon and information gathering.
  ☆80Updated 9 years ago
• SecarmaLabs / dns-parallel-prober
  PoC for an adaptive parallelised DNS prober
  ☆44Updated 7 years ago
• SpiderLabs / jboss-autopwn
  A JBoss script for obtaining remote shell access
  ☆170Updated 4 years ago
• lorenzog / dns-parallel-prober
  PoC for an adaptive parallelised DNS prober
  ☆107Updated 2 years ago