adamdoupe / WackoPickoView external linksLinks
WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
☆344May 25, 2024Updated last year
Alternatives and similar repositories for WackoPicko
Users that are interested in WackoPicko are comparing it to the libraries listed below
Sorting:
- Vulnerable web site. Used to test sentinel features.☆11Nov 18, 2016Updated 9 years ago
- The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of co…☆446Aug 7, 2020Updated 5 years ago
- The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.☆281Aug 13, 2024Updated last year
- Short and simple vulnerable PHP web application that naïve scanners found to be perfectly safe☆14Dec 4, 2015Updated 10 years ago
- A modern vulnerable web app☆1,018Mar 11, 2021Updated 4 years ago
- A configurable SQL injection test-bed☆123Jul 19, 2013Updated 12 years ago
- Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn rea…☆457Dec 6, 2021Updated 4 years ago
- A simple capture the flag framework.☆125May 28, 2017Updated 8 years ago
- A collection of web pages, vulnerable to command injection flaws☆180Mar 5, 2023Updated 2 years ago
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- Updated version of SWFIntruder☆27Aug 16, 2016Updated 9 years ago
- Web Input Vector Extractor Teaser☆133Jan 6, 2022Updated 4 years ago
- A Custom Scanner for Burp☆31Mar 26, 2014Updated 11 years ago
- OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.☆356Dec 19, 2025Updated last month
- small set of scripts to practice exploit XSS and CSRF vulnerabilities☆65Dec 22, 2017Updated 8 years ago
- Damn Small Vulnerable Web☆856Dec 21, 2025Updated last month
- A vulnerable web application to explain and illustrate deserialization of untrusted data with Pickle.☆13Sep 23, 2017Updated 8 years ago
- XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.☆1,746Sep 12, 2020Updated 5 years ago
- *This project is no longer maintained* OWASP GoatDroid is a fully functional and self-contained training environment for educating develo…☆252Jul 29, 2014Updated 11 years ago
- A tool to extract database data from a blind SQL injection vulnerability.☆32Jan 4, 2016Updated 10 years ago
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆883Dec 15, 2025Updated 2 months ago
- CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.☆193Jun 25, 2015Updated 10 years ago
- Lab set-up for learning SQL Injection Techniques☆101Dec 6, 2020Updated 5 years ago
- Vulnerable Java based Web Application☆270Jun 20, 2024Updated last year
- OWASP Broken Web Applications Project☆310Mar 13, 2024Updated last year
- A set of XSS vulnerable PHP scripts for testing☆39Feb 10, 2013Updated 13 years ago
- the main hackademic code repository☆324Oct 30, 2020Updated 5 years ago
- A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…☆483Aug 20, 2024Updated last year
- A server vulnerable to XXE that can be used to test payloads using the xxer tool.☆26Mar 29, 2018Updated 7 years ago
- Automating SQL injection using Burp Proxy Logs and SQLMap☆27Jul 6, 2012Updated 13 years ago
- Damn Vulnerable Thick Client App☆154Jul 16, 2020Updated 5 years ago
- The Web Application Vulnerability Scanner Evaluation Project☆240Oct 5, 2022Updated 3 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,484Oct 12, 2024Updated last year
- A simple web app with a XXE vulnerability.☆230Nov 10, 2021Updated 4 years ago
- A Burp Suite extension that checks if a particular URL responds differently to various User-Agent headers☆15Sep 4, 2014Updated 11 years ago
- Converts burp's sitemap to sulley's fuzzing script☆11Aug 30, 2015Updated 10 years ago
- Ruby Oracle Security Scanner☆16Jul 9, 2012Updated 13 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,897Sep 27, 2021Updated 4 years ago
- My collection of exploit development skeletons for fuzzing, overwriting the stack, remote code execution, etc.☆16Mar 19, 2025Updated 10 months ago