Skip to content
@vulnerable-apps

vulnerable-apps

Over 100 forks of deliberately vulnerable web applications and APIs.

Pinned Loading

  1. awesome-vulnerable awesome-vulnerable Public template

    Forked from kaiiyer/awesome-vulnerable

    A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

    33 7

  2. vuln_node_express vuln_node_express Public

    Forked from kaakaww/vuln_node_express

    JavaScript 8

  3. dvpwa dvpwa Public

    Forked from anxolerd/dvpwa

    Damn Vulnerable Python Web App

    Python 2 14

  4. javaspringvulny javaspringvulny Public

    Forked from kaakaww/javaspringvulny

    javaspringvulny - a Spring Boot web application built wrong on purpose

    Java 12

  5. VulnLab VulnLab Public

    Forked from Yavuzlar/VulnLab

    CSS 2 3

Repositories

Showing 10 of 152 repositories
  • vulnerable-rest-api Public Forked from bnematzadeh/vulnerable-rest-api

    A vulnerable RESTful application written in Node and React based on OWASP API security top 10 2023 edition.

    vulnerable-apps/vulnerable-rest-api’s past year of commit activity
    JavaScript 0 MIT 15 0 1 Updated Dec 20, 2024
  • nosql-injection-vulnapp Public Forked from aabashkin/nosql-injection-vulnapp

    NIVA is a simple web application which is intentionally vulnerable to NoSQL injection. The purpose of this project is to facilitate a better understanding of the NoSQL injection vulnerability among a wide audience of software engineers, security engineers, pentesters, and trainers.

    vulnerable-apps/nosql-injection-vulnapp’s past year of commit activity
    Java 0 MIT 8 0 1 Updated Nov 12, 2024
  • simple-ssrf Public

    Simple deliberately vulnerable API demonstrating Server-Side Request Forgery (SSRF).

    vulnerable-apps/simple-ssrf’s past year of commit activity
    Python 0 0 0 4 Updated Nov 9, 2024
  • terragoat Public Forked from bridgecrewio/terragoat

    TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

    vulnerable-apps/terragoat’s past year of commit activity
    HCL 0 Apache-2.0 2,506 0 0 Updated Nov 8, 2024
  • SSRF_Vulnerable_Lab Public Forked from incredibleindishell/SSRF_Vulnerable_Lab

    This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

    vulnerable-apps/SSRF_Vulnerable_Lab’s past year of commit activity
    PHP 0 MIT 181 0 0 Updated Nov 8, 2024
  • Vulnerable-JWT Public Forked from agaosto/Vulnerable-JWT

    Collection of vulnerable APIs/apps to test JWT attacks

    vulnerable-apps/Vulnerable-JWT’s past year of commit activity
    JavaScript 3 2 0 8 Updated Oct 31, 2024
  • vulnerable-apps/crazy-vulnerable-nodejs-application’s past year of commit activity
    JavaScript 0 14 0 1 Updated Oct 26, 2024
  • vulnerable-apps/yrpreyTasksNodeJS’s past year of commit activity
    PHP 0 1 0 2 Updated Oct 20, 2024
  • brokencrystals-demo Public

    Mirror of broken crystals, but with specific dockerfiles for easy docker compose

    vulnerable-apps/brokencrystals-demo’s past year of commit activity
    TypeScript 0 MIT 1 0 5 Updated Oct 17, 2024
  • brokencrystals Public Forked from NeuraLegion/brokencrystals

    A Broken Application - Very Vulnerable!

    vulnerable-apps/brokencrystals’s past year of commit activity
    TypeScript 0 MIT 213 0 0 Updated Oct 16, 2024

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…