WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration testing techniques. WARNING 1: While running this program your machine will be extremely vulnerable to attack. You should disconnect from the Internet while using this program. WebGoat's default configuration binds to localhost to minimize the exposure. WARNING 2: This program is for educational purposes only. If you attempt these techniques without authorization, you are very likely to get caught. If you are caught engaging in unauthorized hacking, most companies will fire you. Claiming that you were doing security research will not work as that is the first thing that all hackers claim. Installation instructions: For more details check the Contribution guide 1. Run using Docker Already have a browser and ZAP and/or Burp installed on your machine in this case you can run the WebGoat image directly using Docker. Every release is a
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
A comprehensive mind map diagram summarizing Javascript syntax and concepts in a single picture.
Cybrary is an online learning platform that provides accessible and affordable training in cybersecurity skills.
A weekly newsletter covering computer security news and tutorials
Research project on bypassing default Falco ruleset with Dockerfile for sshayb/fuber:latest image.
Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.
Collection of cybersecurity conference videos from GreHack 2018 covering various cutting-edge topics.