OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
☆363Feb 21, 2026Updated last week
Alternatives and similar repositories for VulnerableApp
Users that are interested in VulnerableApp are comparing it to the libraries listed below
Sorting:
- VulnerableApp-facade is probably most modern lightweight distributed farm of Vulnerable Applications built for handling wide range of vul…☆50Feb 19, 2026Updated last week
- Vulnerable Java based Web Application☆270Jun 20, 2024Updated last year
- Damn Vulnerable Java (EE) Application☆145Jan 23, 2024Updated 2 years ago
- ☆15Feb 5, 2022Updated 4 years ago
- A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…☆484Aug 20, 2024Updated last year
- Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API re…☆503Updated this week
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆762Aug 21, 2023Updated 2 years ago
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆883Dec 15, 2025Updated 2 months ago
- WebFuzzer - Web Application Security Scanner by Cystack Team☆25Mar 14, 2017Updated 8 years ago
- intentionally vuln web Application Security in django☆309Feb 14, 2026Updated 2 weeks ago
- OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…☆773Feb 23, 2026Updated last week
- OWASP ZAP addon for finding vulnerabilities in JWT Implementations☆35Mar 3, 2025Updated 11 months ago
- An example of a mis-configured Rails application release under MIT license.☆21Jan 19, 2023Updated 3 years ago
- A step by step workshop to exploit various vulnerabilities in Node.js and Java applications☆156Mar 17, 2024Updated last year
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- Open Redirect scanner - (out of date)☆28Nov 27, 2022Updated 3 years ago
- Vulnerable app with examples showing how to not use secrets☆1,395Updated this week
- Repo for all the SKF Docker lab examples☆462Aug 2, 2024Updated last year
- Embedded AppSec Best Practices☆45Oct 22, 2025Updated 4 months ago
- Collection of snippets for devtools.☆13Mar 17, 2021Updated 4 years ago
- The aim of the project is to develop intentionally vulnerable source code in various languages.☆15May 3, 2020Updated 5 years ago
- Contains all my research and content produced regarding the log4shell vulnerability☆31Jan 22, 2022Updated 4 years ago
- A deliberately insecure Java web application☆44Oct 23, 2025Updated 4 months ago
- OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber☆404Jul 10, 2024Updated last year
- Damn Vulnerable NodeJS Application☆761Mar 27, 2024Updated last year
- CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion☆18Mar 3, 2021Updated 5 years ago
- A very vulnerable implementation of a GraphQL API.☆17Feb 12, 2026Updated 2 weeks ago
- Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volum…☆14Sep 18, 2020Updated 5 years ago
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities☆93Jun 11, 2023Updated 2 years ago
- A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.☆1,260Jan 11, 2026Updated last month
- Vulnerable Python Application To Learn Secure Development☆127May 31, 2024Updated last year
- GitHub Action安全工具,可以将Action Secrets还原拿到明文,用于证明Secrets并不是绝对的安全。(测�试通过,放心使用,再有问题来issues区锤我...)☆24Sep 12, 2022Updated 3 years ago
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆1,173Nov 25, 2024Updated last year
- DefectDojo Community Content☆18Nov 9, 2025Updated 3 months ago
- Damn Vulnerable C# Application (API)☆79Jul 15, 2024Updated last year
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆297Sep 22, 2024Updated last year
- A laboratory for learning secure web and mobile development in a practical manner.☆971Sep 25, 2024Updated last year
- all manner of wordlists☆24Jan 19, 2022Updated 4 years ago
- You can find hardcoded Api-Key,Secret,Token Etc..☆77Sep 3, 2022Updated 3 years ago