Alternatives and similar repositories for WebGoat-Legacy:

Users that are interested in WebGoat-Legacy are comparing it to the libraries listed below

• WebGoat / WebGoat-Lessons
  7.x - The WebGoat STABLE lessons supplied by the WebGoat team.
  ☆156Updated 4 years ago
• foxglovesec / JavaUnserializeExploits
  ☆492Updated 9 years ago
• denimgroup / threadfix
  ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-d…
  ☆339Updated 2 years ago
• SpiderLabs / MCIR
  The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of co…
  ☆441Updated 4 years ago
• allfro / BurpKit
  Next-gen BurpSuite penetration testing tool
  ☆460Updated 9 years ago
• himadriganguly / sqlilabs
  Lab set-up for learning SQL Injection Techniques
  ☆97Updated 4 years ago
• apuigsech / seekret
  Go library and command line to seek for secrets on various sources.
  ☆242Updated 5 years ago
• musalbas / heartbleed-masstest
  Multi-threaded tool for scanning many hosts for CVE-2014-0160.
  ☆572Updated 9 years ago
• metac0rtex / GitHarvester
  ☆311Updated 8 years ago
• SkyLined / LocalNetworkScanner
  PoC Javascript that scans your local network when you open a webpage
  ☆157Updated 8 years ago
• RUB-NDS / WS-Attacker
  WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr …
  ☆478Updated 6 months ago
• psiinon / bodgeit
  The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
  ☆267Updated 7 months ago
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago
• dpnishant / jsprime
  a javascript static security analysis tool
  ☆589Updated 9 years ago
• yoojinl / fuzzdb
  Use https://github.com/fuzzdb-project/fuzzdb project
  ☆95Updated 8 years ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆203Updated 9 months ago
• breenmachine / JavaUnserializeExploits
  ☆132Updated 9 years ago
• codewatchorg / bypasswaf
  Add headers to all Burp requests to bypass some WAF products
  ☆331Updated 7 years ago
• antisnatchor / phishlulz
  ☆340Updated 8 years ago
• FiloSottile / CVE-2016-2107
  Simple test for the May 2016 OpenSSL padding oracle (CVE-2016-2107)
  ☆189Updated 6 years ago
• matthiaskaiser / jmet
  Java Message Exploitation Tool
  ☆499Updated 2 years ago
• chaitin / sqlchop
  [DEPRECATED]A novel SQL injection detection engine built on top of SQL tokenizing and syntax analysis.
  ☆254Updated last year
• jtmelton / appsensor
  A toolkit for building self-defending applications through real-time event detection and response
  ☆280Updated 2 years ago
• torque59 / Nosql-Exploitation-Framework
  A Python Framework For NoSQL Scanning and Exploitation
  ☆600Updated 3 months ago
• mwielgoszewski / jython-burp-api
  Develop Burp extensions in Jython
  ☆178Updated 8 years ago
• P1kachu / v0lt
  Security CTF Toolkit (Not maintained anymore)
  ☆369Updated 7 years ago
• adamdoupe / WackoPicko
  WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
  ☆332Updated 10 months ago
• mozilla / seasponge
  SeaSponge is an accessible threat modelling tool from Mozilla
  ☆278Updated 6 years ago
• scovetta / yasca
  Yet Another Source Code Analyzer
  ☆183Updated 3 years ago
• foospidy / GrepBugs
  A regex based source code scanner.
  ☆129Updated 7 years ago