vulnerable-web-app

Here are 56 public repositories matching this topic...

OWASP / wrongsecrets

Vulnerable app with examples showing how to not use secrets

java docker kubernetes aws security vault azure gcp secrets owasp ctf keepass hashicorp-vault vulnerable-web-app devsecops secrets-management terraform-aws terraform-gcp terraform-azure

Updated May 5, 2024
Java

OWASP / OWASP-VWAD

Sponsor

Star

The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

owasp vulnerable appsec vulnerable-web-app vulnerable-web-application

Updated Apr 12, 2024

erev0s / VAmPI

Star

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing

api api-rest vulnerable-web-app security-tools

Updated Apr 27, 2024
Python

OWASP / Vulnerable-Web-Application

Sponsor

Star

OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber

php sql web file-upload xss sql-injection xss-vulnerability command-execution directory-traversal vulnerable-web-app

Updated Apr 10, 2024
PHP

Checkmarx / capital

Star

A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.

ctf vulnerable-web-app apisecurity

Updated Apr 12, 2024
CSS

lucideus-repo / UnSAFE_Bank

Star

Vulnerable Banking Suite

hacking cybersecurity learn application-security security-vulnerability learning-by-doing mobile-security whitehat vulnerability-assessment ethical-hacking vulnerable-web-app security-testing vulnerable-applications vulnerable-android-apps vulnerable-webserver vulnerable-ios-apps

Updated Aug 6, 2023
PHP

GoSecure / template-injection-workshop

Star

Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.

template twig jinja2 velocity injection tornado freemarker codelabs appsec vulnerable-web-app

Updated Jan 10, 2023
CSS

lunasec-io / Spring4Shell-POC

Sponsor

Star

This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).

vulnerable-web-app spring4shell spring4shell-poc

Updated Aug 4, 2022
Python

appsecco / sqlinjection-training-app

Star

A simple PHP application to learn SQL Injection detection and exploitation techniques.

exploit sql-injection application-security web-security appsec vulnerable-web-app owasp-top-10 owasp-top-ten vulnerable-apps training-app

Updated Oct 18, 2022
PHP

TheTwitchy / vulnd_xxe

Star

A server vulnerable to XXE that can be used to test payloads using the xxer tool.

java xml vulnerable-web-app

Updated Mar 29, 2018
Java

sec4you / VulnLabs

Star

docker-compose bringing up multiple vulnerable applications inside containers.

docker docker-compose vulnerabilities vulnerable vulnerable-container vulnerable-application vulnerable-web-app

Updated Jan 29, 2018

OWASP / www-project-vulnerable-web-applications-directory

Sponsor

Star

The OWASP Vulnerable Web Applications Directory (VWAD) Project - OWASP Web Site

owasp appsec webappsec vulnerable-web-app vulnerable-web-application vulnerable-applications

Updated Apr 12, 2024
HTML

karimtariqx / HackerStories

Star

This project is a vulnerable web application to practice on. It is designed for educational purposes to help security enthusiasts and developers understand and mitigate common web vulnerabilities.

cybersecurity penetration-testing vulnerability pentesting bugbounty vulnerable-web-app

Updated Feb 21, 2024
PHP

OWASP / www-project-vulnerable-flask-app

Sponsor

Star

OWASP Foundation Web Respository

python flask rest-api owasp vulnerable-application web-pentest web-hacking vulnerable-web-app owasp-top-10 vulnerable-web-application vulnerable-app vulnerable-flask-app owasp-vulnerable-flask-app vulnerable-rest-api vulnerable-rest vulnerable-web-applications vulnerable-web-server web-pentest-lab

Updated Oct 26, 2022
HTML

naryal2580 / vfapi

Star

Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021

sql nosql rest-api webapp vulnerable vulnerable-application vulnerable-web-app owasp-top-10 owasp-top-ten fastapi vulnerable-api owasp-top-ten-2021 owasp-top-10-2021

Updated Jan 3, 2022
Python

OSTEsayed / OSTE-Vulnerable-Web-Application

Star

Vulnerable Web application made with PHP/SQL designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. Containing some of the most well-known vulnerabilities such as SQL, cross-site scripting (XSS), OS command injections, our intention to expand more vulnerabilities for learning purposes.

php sql sql-injection xss-vulnerability web-security cyber-security vulnerable-web-app cross-site-scripting web-vulnerability os-command-injection