Damn Small Vulnerable Web (DSVW) is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes. It supports the majority of the most popular web application vulnerabilities, together with appropriate attacks.

Quick start: Run the following command:

    $ python3 dsvw.py
    Damn Small Vulnerable Web (DSVW) < 100 LoC (Lines of Code) #v0.2a
     by: Miroslav Stampar (@stamparm)

    [i] running HTTP server at 'http://127.0.0.1:65412'...

and navigate your browser to http://127.0.0.1:65412/.

Requirements: Python (3.x) is required for running this program. The items XML External Entity (local), XML External Entity (remote) and Blind XPath Injection (boolean) require installation of python-lxml (e.g. apt-get install python-lxml); otherwise, those items will be disabled. To install lxml via pip, run the following command:

    pip install -r requirements.txt