WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
☆346May 25, 2024Updated last year
Alternatives and similar repositories for WackoPicko
Users that are interested in WackoPicko are comparing it to the libraries listed below
Sorting:
- Vulnerable web site. Used to test sentinel features.☆11Nov 18, 2016Updated 9 years ago
- The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of co…☆446Aug 7, 2020Updated 5 years ago
- The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.☆281Aug 13, 2024Updated last year
- Short and simple vulnerable PHP web application that naïve scanners found to be perfectly safe☆14Dec 4, 2015Updated 10 years ago
- A modern vulnerable web app☆1,020Mar 11, 2021Updated 4 years ago
- A configurable SQL injection test-bed☆123Jul 19, 2013Updated 12 years ago
- Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn rea…☆458Dec 6, 2021Updated 4 years ago
- A simple capture the flag framework.☆125May 28, 2017Updated 8 years ago
- A collection of web pages, vulnerable to command injection flaws☆182Mar 5, 2023Updated 3 years ago
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- Updated version of SWFIntruder☆27Aug 16, 2016Updated 9 years ago
- Web Input Vector Extractor Teaser☆132Jan 6, 2022Updated 4 years ago
- A Custom Scanner for Burp☆31Mar 26, 2014Updated 11 years ago
- OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.☆355Dec 19, 2025Updated 2 months ago
- small set of scripts to practice exploit XSS and CSRF vulnerabilities☆65Dec 22, 2017Updated 8 years ago
- Damn Small Vulnerable Web☆858Dec 21, 2025Updated 2 months ago
- Vulnerable web application☆81Feb 17, 2026Updated 2 weeks ago
- A vulnerable web application to explain and illustrate deserialization of untrusted data with Pickle.☆13Sep 23, 2017Updated 8 years ago
- XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.☆1,744Sep 12, 2020Updated 5 years ago
- A tool to extract database data from a blind SQL injection vulnerability.☆32Jan 4, 2016Updated 10 years ago
- *This project is no longer maintained* OWASP GoatDroid is a fully functional and self-contained training environment for educating develo…☆254Jul 29, 2014Updated 11 years ago
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆884Mar 2, 2026Updated last week
- CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.☆194Jun 25, 2015Updated 10 years ago
- Lab set-up for learning SQL Injection Techniques☆101Dec 6, 2020Updated 5 years ago
- Vulnerable Java based Web Application☆270Jun 20, 2024Updated last year
- OWASP Broken Web Applications Project☆309Mar 13, 2024Updated last year
- A set of XSS vulnerable PHP scripts for testing☆39Feb 10, 2013Updated 13 years ago
- the main hackademic code repository☆324Oct 30, 2020Updated 5 years ago
- A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…☆484Aug 20, 2024Updated last year
- A server vulnerable to XXE that can be used to test payloads using the xxer tool.☆26Mar 29, 2018Updated 7 years ago
- Automating SQL injection using Burp Proxy Logs and SQLMap☆27Jul 6, 2012Updated 13 years ago
- The Web Application Vulnerability Scanner Evaluation Project☆241Oct 5, 2022Updated 3 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- Damn Vulnerable Thick Client App☆155Jul 16, 2020Updated 5 years ago
- 🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline☆56Nov 24, 2024Updated last year
- A simple web app with a XXE vulnerability.☆232Nov 10, 2021Updated 4 years ago
- Converts burp's sitemap to sulley's fuzzing script☆11Aug 30, 2015Updated 10 years ago
- Ruby Oracle Security Scanner☆16Jul 9, 2012Updated 13 years ago
- A Burp Suite extension that checks if a particular URL responds differently to various User-Agent headers☆15Sep 4, 2014Updated 11 years ago