Damn Small Vulnerable Web (DSVW) is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes. It supports majority of (most popular) web application vulnerabilities together with appropriate attacks. Quick start: Run the following command: $ python3 dsvw.py Damn Small Vulnerable Web (DSVW) < 100 LoC (Lines of Code) #v0.2a by: Miroslav Stampar (@stamparm) [i] running HTTP server at 'http://127.0.0.1:65412'... and navigate your browser to http://127.0.0.1:65412/: Requirements: Python (3.x) is required for running this program. Items XML External Entity (local), XML External Entity (remote) and Blind XPath Injection (boolean) require installation of python-lxml (e.g. apt-get install python-lxml). Otherwise, those will be disabled. To install lxml via pip, run the following command: pip install -r requirements.txt
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
A web application security testing platform that helps you test your knowledge on web application security through realistic scenarios with known vulnerabilities.
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
ConDroid performs concolic execution of Android apps to observe 'interesting' behavior in dynamic analysis.
A tool for detecting capabilities in executable files, providing insights into a program's behavior and potential malicious activities.
A Java API for searching and downloading Android applications from Google Play with additional check-in features for generating ANDROID-ID.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.