vulnerable-web-app

A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.

ctf vulnerable-web-app apisecurity

Updated Apr 12, 2024
CSS

lucideus-repo / UnSAFE_Bank

Star

Vulnerable Banking Suite

hacking cybersecurity learn application-security security-vulnerability learning-by-doing mobile-security whitehat vulnerability-assessment ethical-hacking vulnerable-web-app security-testing vulnerable-applications vulnerable-android-apps vulnerable-webserver vulnerable-ios-apps

Updated Aug 6, 2023
PHP

GoSecure / template-injection-workshop

Star

Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.

template twig jinja2 velocity injection tornado freemarker codelabs appsec vulnerable-web-app

Updated Jan 10, 2023
CSS

lunasec-io / Spring4Shell-POC

Sponsor

Star

This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).

vulnerable-web-app spring4shell spring4shell-poc

Updated Aug 4, 2022
Python

appsecco / sqlinjection-training-app

Star

A simple PHP application to learn SQL Injection detection and exploitation techniques.

exploit sql-injection application-security web-security appsec vulnerable-web-app owasp-top-10 owasp-top-ten vulnerable-apps training-app

Updated Oct 18, 2022
PHP

Aif4thah / VulnerableLightApp

Sponsor

Star

Vulnerable API for educational purposes

Updated Nov 13, 2024
C#

TheTwitchy / vulnd_xxe

Star

A server vulnerable to XXE that can be used to test payloads using the xxer tool.

java xml vulnerable-web-app

Updated Mar 29, 2018
Java

OWASP / www-project-vulnerable-web-applications-directory

Sponsor

Star

The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

owasp appsec webappsec vulnerable-web-app vulnerable-web-application vulnerable-applications

Updated Oct 29, 2024
HTML

sec4you / VulnLabs

Star

docker-compose bringing up multiple vulnerable applications inside containers.

docker docker-compose vulnerabilities vulnerable vulnerable-container vulnerable-application vulnerable-web-app

Updated Jan 29, 2018

karimtariqx / HackerStories

Star

This project is a vulnerable web application to practice on. It is designed for educational purposes to help security enthusiasts and developers understand and mitigate common web vulnerabilities.

cybersecurity penetration-testing vulnerability pentesting bugbounty vulnerable-web-app

Updated Feb 21, 2024
PHP

OWASP / www-project-vulnerable-flask-app

Sponsor

Star

OWASP Foundation Web Respository

python flask rest-api owasp vulnerable-application web-pentest web-hacking vulnerable-web-app owasp-top-10 vulnerable-web-application vulnerable-app vulnerable-flask-app owasp-vulnerable-flask-app vulnerable-rest-api vulnerable-rest vulnerable-web-applications vulnerable-web-server web-pentest-lab

Updated Oct 26, 2022
HTML

qwqoro / Mail-Injection

Star

📧 [Research] E-Mail Injection: Vulnerable applications

Updated May 26, 2024
HTML

OSTEsayed / OSTE-Vulnerable-Web-Application

Star

Vulnerable Web application made with PHP/SQL designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. Containing some of the most well-known vulnerabilities such as SQL, cross-site scripting (XSS), OS command injections, our intention to expand more vulnerabilities for learning purposes.

php sql sql-injection xss-vulnerability web-security cyber-security vulnerable-web-app cross-site-scripting web-vulnerability os-command-injection

Updated Dec 15, 2023
PHP

naryal2580 / vfapi

Star

Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021

sql nosql rest-api webapp vulnerable vulnerable-application vulnerable-web-app owasp-top-10 owasp-top-ten fastapi vulnerable-api owasp-top-ten-2021 owasp-top-10-2021

Updated Jan 3, 2022
Python

omarkurt / ssjs

Star

SSJS Web Shell Injection Case

vulnerable vulnerable-web-app ssjs-web injection-case

Updated Nov 4, 2019
JavaScript

UsagiB4 / Vulnerable-Machines-for-Pentesting-and-Hacking

Star

This is a collection of vulnerable machines that can help you to learn hacking, pentesting and bug hunting. I know there are a lot of lists out there, but most of them are not updated regularly. So I decided to make on myself. Hope this will help you

python go php js vulnerable-container vulnerable-application vulnerable-web-app vulnerable-app

Updated May 18, 2023

Improve this page

Add a description, image, and links to the vulnerable-web-app topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the vulnerable-web-app topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

vulnerable-web-app

Here are 60 public repositories matching this topic...

OWASP / wrongsecrets

erev0s / VAmPI

OWASP / OWASP-VWAD

OWASP / Vulnerable-Web-Application

Checkmarx / capital

lucideus-repo / UnSAFE_Bank

GoSecure / template-injection-workshop

lunasec-io / Spring4Shell-POC

appsecco / sqlinjection-training-app

Aif4thah / VulnerableLightApp

TheTwitchy / vulnd_xxe

OWASP / www-project-vulnerable-web-applications-directory

sec4you / VulnLabs

karimtariqx / HackerStories

OWASP / www-project-vulnerable-flask-app

qwqoro / Mail-Injection

OSTEsayed / OSTE-Vulnerable-Web-Application

naryal2580 / vfapi

omarkurt / ssjs

UsagiB4 / Vulnerable-Machines-for-Pentesting-and-Hacking

Improve this page

Add this topic to your repo