Vulnerable Applications
Browse 0 cybersecurity solutions, with 0 security professionals searching monthly
FEATURED
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
Linux-based operating system intentionally vulnerable for cybersecurity practice.
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
A list of vulnerable applications for testing and learning
A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.
A Linux-based environment for penetration testing and vulnerability exploitation
Deliberately vulnerable web application for security professionals to practice attack techniques.
A collection of vulnerable web application test cases designed to benchmark and evaluate the effectiveness of static security analyzers and penetration testing tools.
A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.
A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.
An intentionally vulnerable web application containing multiple web service security flaws designed for educational purposes and security testing practice.
A deliberately vulnerable web application containing DOM-based XSS, CSRF, and other web vulnerabilities for security testing and educational purposes.
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
XVWA is an intentionally vulnerable PHP/MySQL web application designed for security education, containing multiple common web vulnerabilities for hands-on learning and practice.
Hackazon is a vulnerable web application storefront designed for security professionals to practice testing modern web technologies and identifying common vulnerabilities.
Vulnerable web application for beginners in penetration testing.
DIVA Android is an intentionally vulnerable Android application designed to teach security professionals and developers about mobile application security flaws through hands-on learning.
OVAA is an intentionally vulnerable Android application that aggregates common platform security vulnerabilities for educational and security testing purposes.
InsecureShop is an intentionally vulnerable Android application built in Kotlin for educating developers and security professionals about mobile app vulnerabilities and penetration testing techniques.
DVHMA is an intentionally vulnerable Android hybrid mobile app built with Apache Cordova for security testing and educational purposes.
A deliberately vulnerable Android application containing multiple security flaws designed for educational purposes and security training.
A deliberately vulnerable web application that uses WebSocket communication to provide a training environment for learning about WebSocket-related security vulnerabilities.
AzureGoat is a deliberately vulnerable Azure cloud infrastructure that incorporates OWASP Top 10 vulnerabilities and Azure service misconfigurations for security training and penetration testing practice.
A Windows kernel driver intentionally designed with various vulnerabilities to help security researchers practice kernel exploitation techniques.
