XVWA is an intentionally vulnerable PHP/MySQL web application designed for security education, containing multiple common web vulnerabilities for hands-on learning and practice.

Hackazon is a vulnerable web application storefront designed for security professionals to practice testing modern web technologies and identifying common vulnerabilities.

A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.

An intentionally vulnerable web application containing multiple web service security flaws designed for educational purposes and security testing practice.

AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.