Alternatives and similar repositories for WebGoat-Lessons

Users that are interested in WebGoat-Lessons are comparing it to the libraries listed below

• WebGoat / WebGoat-Legacy
  Legacy WebGoat 6.0 - Deliberately insecure JavaEE application
  ☆326Updated last year
• psiinon / bodgeit
  The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
  ☆273Updated 11 months ago
• sqlmapproject / testenv
  A collection of web pages vulnerable to SQL injection flaws
  ☆348Updated 3 years ago
• SpiderLabs / MCIR
  The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of co…
  ☆442Updated 5 years ago
• adamdoupe / WackoPicko
  WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
  ☆333Updated last year
• chuckfw / owaspbwa
  OWASP Broken Web Applications Project
  ☆307Updated last year
• zaproxy / zap-core-help
  The help files for the ZAP core
  ☆201Updated last month
• Hackademic / hackademic
  the main hackademic code repository
  ☆323Updated 4 years ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆210Updated last year
• allfro / BurpKit
  Next-gen BurpSuite penetration testing tool
  ☆461Updated 9 years ago
• incredibleindishell / sqlite-lab
  This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is f…
  ☆160Updated 3 years ago
• davevs / dvxte
  Damn Vulnerable eXtensive Training Environment
  ☆105Updated 3 years ago
• NetSPI / xssValidator
  This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
  ☆416Updated 3 years ago
• NetSPI / JavaSerialKiller
  Burp extension to perform Java Deserialization Attacks
  ☆212Updated last year
• infoslack / docker-dvwa
  Docker image for DVWA(Damn Vulnerable Web Application)
  ☆101Updated 8 years ago
• scovetta / yasca
  Yet Another Source Code Analyzer
  ☆184Updated 3 years ago
• himadriganguly / sqlilabs
  Lab set-up for learning SQL Injection Techniques
  ☆100Updated 4 years ago
• RUB-NDS / WS-Attacker
  WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr …
  ☆482Updated 10 months ago
• mazen160 / struts-pwn
  An exploit for Apache Struts CVE-2017-5638
  ☆436Updated 7 years ago
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 9 years ago
• ajinabraham / OWASP-Xenotix-XSS-Exploit-Framework
  OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
  ☆533Updated 5 years ago
• OWASP / WebGoat
  This is a defunct code base. The project is located at: https://github.com/WebGoat
  ☆50Updated 9 years ago
• mandatoryprogrammer / xssless
  An automated XSS payload generator written in python.
  ☆315Updated 9 years ago
• CSPF-Founder / JavaVulnerableLab
  Vulnerable Java based Web Application
  ☆269Updated last year
• trietptm / SQL-Injection-Payloads
  SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...
  ☆232Updated 5 years ago
• IFGHou / wapiti
  A web-application vulnerability scanner
  ☆118Updated 4 years ago
• OWASP / AppSec-Browser-Bundle
  The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre…
  ☆98Updated 11 years ago
• opsxcq / docker-vulnerable-dvwa
  Damn Vulnerable Web Application Docker container
  ☆217Updated last year
• infosec-au / bugbountydash
  [depreciated] Terminal dashboard for bug bounty hunters that use HackerOne and Bugcrowd
  ☆192Updated 9 years ago
• arvinddoraiswamy / mywebappscripts
  A collection of all the lists, scripts and techniques I use while doing web application penetration tests.
  ☆168Updated 9 years ago