OWASP VulnerableApp Project: Break it. Scan it. Reproduce it. Benchmark against it. Improve it.
☆402May 18, 2026Updated this week
Alternatives and similar repositories for VulnerableApp
Users that are interested in VulnerableApp are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- VulnerableApp-facade is probably most modern lightweight distributed farm of Vulnerable Applications built for handling wide range of vul…☆55May 12, 2026Updated last week
- OWASP Foundation Web Respository for VulnerableApp project. Project's codebase Repository: https://github.com/SasanLabs/VulnerableApp☆13Apr 13, 2026Updated last month
- Damn Vulnerable Java (EE) Application☆149Jan 23, 2024Updated 2 years ago
- A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…☆488Aug 20, 2024Updated last year
- Vulnerable Java based Web Application☆275May 10, 2026Updated last week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- OWASP ZAP addon for finding vulnerabilities in JWT Implementations☆36Mar 3, 2025Updated last year
- OWASP ZAP add-on for finding vulnerabilities in File Upload functionality.☆24Aug 1, 2024Updated last year
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆883Apr 13, 2026Updated last month
- intentionally vuln web Application Security in django☆330Apr 20, 2026Updated last month
- OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web…☆797Updated this week
- WebFuzzer - Web Application Security Scanner by Cystack Team☆25Mar 14, 2017Updated 9 years ago
- Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volum…☆14Sep 18, 2020Updated 5 years ago
- Awesome Vulnerable Applications☆1,405Updated this week
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆775Aug 21, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API re…☆510Mar 29, 2026Updated last month
- Vulnerable Python Application To Learn Secure Development☆130May 31, 2024Updated last year
- ☆15Feb 5, 2022Updated 4 years ago
- Vulnerable app with examples showing how to not use secrets☆1,439Updated this week
- GitHub Action安全工具,可以将Action Secrets还原拿到明文,用于证明Secrets并不是绝对的安全。(测试通过,放心使用,再有问题来issues区锤我...)☆24Sep 12, 2022Updated 3 years ago
- Damn Vulnerable NodeJS Application☆772Mar 27, 2024Updated 2 years ago
- An intentionally vulnerable django app, to help django developers learn security testing☆46Aug 15, 2023Updated 2 years ago
- OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber☆412Jul 10, 2024Updated last year
- An example of a mis-configured Rails application release under MIT license.☆21Jan 19, 2023Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Monorepo of Labs for the Security Knowledge Framework (SKF)☆44Jun 12, 2025Updated 11 months ago
- A very vulnerable implementation of a GraphQL API.☆18Mar 27, 2026Updated last month
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆1,218Apr 7, 2026Updated last month
- A Java Web Application with common legacy security flaws for tests with Arachni Scanner and ModSecurity☆21Jul 3, 2024Updated last year
- Contains all my research and content produced regarding the log4shell vulnerability☆31Jan 22, 2022Updated 4 years ago
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities�☆94Jun 11, 2023Updated 2 years ago
- PNG IDAT chunks ~ payload generator☆15Jun 14, 2016Updated 9 years ago
- Damn Vulnerable C# Application (API)☆80Jul 15, 2024Updated last year
- Damn Vulnerable Python Web App☆189May 21, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆12Apr 10, 2021Updated 5 years ago
- Collection of snippets for devtools.☆13Mar 17, 2021Updated 5 years ago
- A vulnerable Play application for attackers.☆18May 4, 2026Updated 2 weeks ago
- A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.☆1,314Jan 11, 2026Updated 4 months ago
- OWASP Foundation Web Respository☆28Dec 22, 2025Updated 5 months ago
- all manner of wordlists☆24Jan 19, 2022Updated 4 years ago
- Vulnerable Banking Suite☆171Sep 29, 2025Updated 7 months ago