Vulnerable Applications

Damn Vulnerable Web Services

An intentionally vulnerable web application containing multiple web service security flaws designed for educational purposes and security testing practice.

0

Educational

+7

WebGoat

WebGoat is an OWASP-maintained deliberately insecure web application designed to teach web application security through hands-on exercises with intentional vulnerabilities.

0

WebGoat

WebGoat is an OWASP-maintained deliberately insecure web application designed to teach web application security through hands-on exercises with intentional vulnerabilities.

0

+6

Hackazon

Hackazon is a vulnerable web application storefront designed for security professionals to practice testing modern web technologies and identifying common vulnerabilities.

0

Hackazon

Hackazon is a vulnerable web application storefront designed for security professionals to practice testing modern web technologies and identifying common vulnerabilities.

0

+7

MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.

0

Vulnerability Testing

Security Testing

MCIR

MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.

0

Vulnerability Testing

Code Injection

+7

Java Vulnerable

A deliberately vulnerable Java web application designed for educational purposes to teach web application security concepts and common vulnerabilities.

0

Appsec Training

Java Vulnerable

A deliberately vulnerable Java web application designed for educational purposes to teach web application security concepts and common vulnerabilities.

0

+7

LAMPSecurity Training

A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.

0

Resources

Vulnerability Scanning

LAMPSecurity Training

A series of vulnerable virtual machine images with documentation to teach Linux, Apache, PHP, MySQL security.

0

Resources

Vulnerability Scanning

+7

Commix-Testbed

A collection of vulnerable web applications containing command injection flaws designed to test and evaluate detection and exploitation tools like commix.

0

Vulnerability Testing

Commix-Testbed

A collection of vulnerable web applications containing command injection flaws designed to test and evaluate detection and exploitation tools like commix.

0

Exploitation

+6

Damn Vulnerable Web Application (DVWA)

A deliberately vulnerable PHP/MySQL web application designed for security training, testing, and educational purposes in controlled environments.

0

Appsec Training

Damn Vulnerable Web Application (DVWA)

A deliberately vulnerable PHP/MySQL web application designed for security training, testing, and educational purposes in controlled environments.

0

+7

damnvulnerable.me

A deliberately vulnerable web application containing DOM-based XSS, CSRF, and other web vulnerabilities for security testing and educational purposes.

0

damnvulnerable.me

A deliberately vulnerable web application containing DOM-based XSS, CSRF, and other web vulnerabilities for security testing and educational purposes.

0

+6

Penetration Testing Practice Lab - Vulnerable Apps/Systems

Collection of URLs for vulnerable web applications and systems for cybersecurity practice.

0

Web App Security

Penetration Testing Practice Lab - Vulnerable Apps/Systems

Collection of URLs for vulnerable web applications and systems for cybersecurity practice.

0

Web App Security

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

A guide to brute forcing DVWA on the high security level with anti-CSRF tokens

0

Vulnerability Management

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

A guide to brute forcing DVWA on the high security level with anti-CSRF tokens

0

Vulnerability Management

App Security

Brute Force

+3

0l4bs Cross-site scripting labs

A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.

0

Security Training

Docker

0l4bs Cross-site scripting labs

A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.

0

+7

OWASP Damn Vulnerable Web Sockets (DVWS)

A deliberately vulnerable web application that uses WebSocket communication to provide a training environment for learning about WebSocket-related security vulnerabilities.

0

OWASP Damn Vulnerable Web Sockets (DVWS)

A deliberately vulnerable web application that uses WebSocket communication to provide a training environment for learning about WebSocket-related security vulnerabilities.

0

Websocket

Owasp

+7

Damn Small Vulnerable Web

A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.

0

Damn Small Vulnerable Web

A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.

0

+6

WackoPicko Vulnerable Website

WackoPicko is an intentionally vulnerable web application used for security testing, penetration testing practice, and vulnerability scanner evaluation.

0

Vulnerability Scanner

Educational

Owasp

Docker

Security Testing

Vulnerable App

WackoPicko Vulnerable Website

WackoPicko is an intentionally vulnerable web application used for security testing, penetration testing practice, and vulnerability scanner evaluation.

0

Vulnerability Scanner

+7

OWASP Hackademic Challenges

OWASP Hackademic Challenges is an educational web platform offering 10 realistic vulnerability scenarios for learning information security concepts through hands-on exploitation in a controlled environment.

0

OWASP Hackademic Challenges

OWASP Hackademic Challenges is an educational web platform offering 10 realistic vulnerability scenarios for learning information security concepts through hands-on exploitation in a controlled environment.

0