Alternatives and similar repositories for WebGoat-Lessons

Users that are interested in WebGoat-Lessons are comparing it to the libraries listed below

• psiinon / bodgeit
  The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
  ☆276Updated last year
• WebGoat / WebGoat-Legacy
  Legacy WebGoat 6.0 - Deliberately insecure JavaEE application
  ☆328Updated last year
• adamdoupe / WackoPicko
  WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
  ☆335Updated last year
• sqlmapproject / testenv
  A collection of web pages vulnerable to SQL injection flaws
  ☆349Updated 3 years ago
• zaproxy / zap-core-help
  The help files for the ZAP core
  ☆201Updated last week
• davevs / dvxte
  Damn Vulnerable eXtensive Training Environment
  ☆106Updated 3 years ago
• Hackademic / hackademic
  the main hackademic code repository
  ☆323Updated 4 years ago
• chuckfw / owaspbwa
  OWASP Broken Web Applications Project
  ☆305Updated last year
• SpiderLabs / MCIR
  The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of co…
  ☆442Updated 5 years ago
• mandatoryprogrammer / xssless
  An automated XSS payload generator written in python.
  ☆315Updated 9 years ago
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 9 years ago
• OWASP / WebGoat
  This is a defunct code base. The project is located at: https://github.com/WebGoat
  ☆52Updated 9 years ago
• infoslack / docker-dvwa
  Docker image for DVWA(Damn Vulnerable Web Application)
  ☆101Updated 8 years ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆208Updated last year
• infosec-au / bugbountydash
  [depreciated] Terminal dashboard for bug bounty hunters that use HackerOne and Bugcrowd
  ☆195Updated 9 years ago
• NetSPI / JavaSerialKiller
  Burp extension to perform Java Deserialization Attacks
  ☆214Updated last year
• OWASP / AppSec-Browser-Bundle
  The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre…
  ☆98Updated 11 years ago
• scovetta / yasca
  Yet Another Source Code Analyzer
  ☆184Updated 3 years ago
• himadriganguly / sqlilabs
  Lab set-up for learning SQL Injection Techniques
  ☆100Updated 4 years ago
• CSPF-Founder / JavaVulnerableLab
  Vulnerable Java based Web Application
  ☆270Updated last year
• arvinddoraiswamy / mywebappscripts
  A collection of all the lists, scripts and techniques I use while doing web application penetration tests.
  ☆168Updated 9 years ago
• trietptm / SQL-Injection-Payloads
  SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...
  ☆232Updated 5 years ago
• allfro / BurpKit
  Next-gen BurpSuite penetration testing tool
  ☆462Updated 9 years ago
• mazen160 / struts-pwn
  An exploit for Apache Struts CVE-2017-5638
  ☆437Updated 7 years ago
• sectooladdict / wavsep
  The Web Application Vulnerability Scanner Evaluation Project
  ☆237Updated 2 years ago
• thesp0nge / owasp-orizon
  Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
  ☆144Updated 8 years ago
• incredibleindishell / sqlite-lab
  This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is f…
  ☆159Updated 3 years ago
• SpiderLabs / CryptOMG
  CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
  ☆193Updated 10 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆229Updated last year
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago