Alternatives and similar repositories for WebGoat-Lessons:

Users that are interested in WebGoat-Lessons are comparing it to the libraries listed below

• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆203Updated 9 months ago
• psiinon / bodgeit
  The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
  ☆267Updated 7 months ago
• WebGoat / WebGoat-Legacy
  Legacy WebGoat 6.0 - Deliberately insecure JavaEE application
  ☆326Updated last year
• davevs / dvxte
  Damn Vulnerable eXtensive Training Environment
  ☆104Updated 3 years ago
• OWASP / AppSec-Browser-Bundle
  The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre…
  ☆96Updated 11 years ago
• NetSPI / xssValidator
  This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
  ☆414Updated 3 years ago
• CSPF-Founder / btslab
  Vulnerable web application
  ☆77Updated 2 years ago
• danTaler / detectionString
  list of sql-injection and XSS strings
  ☆115Updated 9 years ago
• SpiderLabs / MCIR
  The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of co…
  ☆441Updated 4 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆225Updated 9 months ago
• zaproxy / zap-core-help
  The help files for the ZAP core
  ☆201Updated this week
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 9 years ago
• mandatoryprogrammer / xssless
  An automated XSS payload generator written in python.
  ☆315Updated 8 years ago
• chuckfw / owaspbwa
  OWASP Broken Web Applications Project
  ☆302Updated last year
• infosec-au / bugbountydash
  [depreciated] Terminal dashboard for bug bounty hunters that use HackerOne and Bugcrowd
  ☆191Updated 9 years ago
• CSPF-Founder / JavaVulnerableLab
  Vulnerable Java based Web Application
  ☆265Updated 9 months ago
• OWASP / OWASP-WebScarab
  OWASP WebScarab
  ☆608Updated 3 years ago
• OWASP / WebGoat
  This is a defunct code base. The project is located at: https://github.com/WebGoat
  ☆50Updated 8 years ago
• adamdoupe / WackoPicko
  WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
  ☆332Updated 10 months ago
• ajinabraham / OWASP-Xenotix-XSS-Exploit-Framework
  OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
  ☆529Updated 4 years ago
• scovetta / yasca
  Yet Another Source Code Analyzer
  ☆183Updated 3 years ago
• arvinddoraiswamy / mywebappscripts
  A collection of all the lists, scripts and techniques I use while doing web application penetration tests.
  ☆168Updated 9 years ago
• IFGHou / wapiti
  A web-application vulnerability scanner
  ☆119Updated 4 years ago
• JacobReynolds / ssrfDetector
  Server-side request forgery detector
  ☆158Updated 7 years ago
• AonCyberLabs / xxe-recursive-download
  ☆232Updated 9 years ago
• PaulSec / HQLmap
  (Deprecated) HQLmap, Automatic tool to exploit HQL injections
  ☆228Updated 5 years ago
• Lavakumar / IronWASP
  Source code of IronWASP
  ☆116Updated 11 years ago
• trietptm / SQL-Injection-Payloads
  SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...
  ☆229Updated 5 years ago
• NetSPI / JavaSerialKiller
  Burp extension to perform Java Deserialization Attacks
  ☆210Updated last year
• digininja / nosqlilab
  A lab for playing with NoSQL Injection
  ☆130Updated 4 years ago