Repository navigation
vulnerable-application
- Website
- Wikipedia
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
Oversecured Vulnerable Android App
OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.
Oversecured Vulnerable iOS App
This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.
Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code
GCP GOAT is the vulnerable application for learn the GCP Security
VulnerableApp-facade is probably most modern lightweight distributed farm of Vulnerable Applications built for handling wide range of vulnerabilities across tech stacks.
Vulnerable API for research and education
Examples of different vulnerabilities, in a variety of languages, shapes and sizes.
A .net Crackme Challenge made for the SecTalks Brisbane 2017 Capture the Flag Event. Writeup/solution included.
Wingkalabs (Linux) Wingkalabs es una máquina Virtual Linux intencionalmente vulnerable. Esta máquina virtual se puede utilizar para realizar entrenamientos de seguridad, probar herramientas de seguridad y practicar técnicas comunes de pruebas de penetración.
docker-compose bringing up multiple vulnerable applications inside containers.
📧 [Research] E-Mail Injection: Vulnerable applications
Docker container for running OWASP WebGoat.NET application