Alternatives and similar repositories for WebGoat-Lessons:

Users that are interested in WebGoat-Lessons are comparing it to the libraries listed below

• psiinon / bodgeit
  The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
  ☆268Updated 6 months ago
• CSPF-Founder / JavaVulnerableLab
  Vulnerable Java based Web Application
  ☆261Updated 7 months ago
• WebGoat / WebGoat-Legacy
  Legacy WebGoat 6.0 - Deliberately insecure JavaEE application
  ☆326Updated 10 months ago
• zaproxy / zap-core-help
  The help files for the ZAP core
  ☆201Updated 2 weeks ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆201Updated 8 months ago
• SpiderLabs / MCIR
  The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of co…
  ☆438Updated 4 years ago
• NetSPI / JavaSerialKiller
  Burp extension to perform Java Deserialization Attacks
  ☆209Updated last year
• SpiderLabs / CryptOMG
  CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
  ☆193Updated 9 years ago
• davevs / dvxte
  Damn Vulnerable eXtensive Training Environment
  ☆103Updated 2 years ago
• sqlmapproject / testenv
  A collection of web pages vulnerable to SQL injection flaws
  ☆347Updated 2 years ago
• scovetta / yasca
  Yet Another Source Code Analyzer
  ☆183Updated 3 years ago
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 9 years ago
• juice-shop / juice-shop-ctf
  Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF
  ☆416Updated 2 weeks ago
• TheRook / CSRF-Request-Builder
  ☆78Updated 9 years ago
• arvinddoraiswamy / mywebappscripts
  A collection of all the lists, scripts and techniques I use while doing web application penetration tests.
  ☆168Updated 8 years ago
• adamdoupe / WackoPicko
  WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
  ☆330Updated 8 months ago
• SpiderLabs / SQLol
  A configurable SQL injection test-bed
  ☆120Updated 11 years ago
• debasishm89 / burpy
  Portable and flexible web application security assessment tool.It parses Burp Suite log and performs various tests depending on the modul…
  ☆121Updated 6 years ago
• himadriganguly / sqlilabs
  Lab set-up for learning SQL Injection Techniques
  ☆95Updated 4 years ago
• foxglovesec / JavaUnserializeExploits
  ☆492Updated 8 years ago
• h3xstream / http-script-generator
  ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
  ☆290Updated last year
• OWASP / WebGoat
  This is a defunct code base. The project is located at: https://github.com/WebGoat
  ☆49Updated 8 years ago
• SpiderLabs / jboss-autopwn
  A JBoss script for obtaining remote shell access
  ☆170Updated 4 years ago
• CSPF-Founder / btslab
  Vulnerable web application
  ☆79Updated 2 years ago
• IFGHou / wapiti
  A web-application vulnerability scanner
  ☆119Updated 4 years ago
• mandatoryprogrammer / xssless
  An automated XSS payload generator written in python.
  ☆319Updated 8 years ago
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago
• AonCyberLabs / xxe-recursive-download
  ☆232Updated 9 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆224Updated 8 months ago
• commixproject / commix-testbed
  A collection of web pages, vulnerable to command injection flaws.
  ☆177Updated last year