WackoPicko Vulnerable Website Logo

WackoPicko Vulnerable Website

0
Free
Visit Website

WackoPicko is a website that contains known vulnerabilities. It was first used for the paper Why Johnny Can't Pentest: An Analysis of Black-box Web Vulnerability Scanners. WackoPicko is now included as an application in the OWASP Broken Web Applications Project which is a Virtual Machine with numerous intentionally vulnerable applications. For easy access, a Docker image has been created for WackoPicko, allowing users to run it with a simple command.

FEATURES

ALTERNATIVES

A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.

A browser with XSS detection capabilities

Drltrace is a dynamic API calls tracer for Windows and Linux applications.

YLS Language Server for YARA Language with comprehensive features and Python 3.8 support.

Automatic tool for pentesting XSS attacks against different applications

An integrated security platform that provides API discovery, runtime protection, security testing, and incident response capabilities for web applications, APIs, and AI systems.

A tool that safely installs packages with npm/yarn by auditing them as part of your install process.

Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits