Awesome Vulnerable Applications
A curated list of various vulnerable by design applications
Online vulnerable app and CTFs
Paid tranining courses
Vuldroid - Android Application covering various static and dynamic vulnerabilities
Owasp Juice shop - OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
DVWA - Damn Vulnerable Web Application (DVWA)
DSVW - Damn Small Vulnerable Web
bWAPP - This is just an instance of the OWASP bWAPP project as a docker container.
Xtreme Vulnerable Web Application - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
lazyweb - This web application is a demonstration of common server-side application flaws. Each of the vulnerabilities has its own difficulty rating.
OWASP Mutillidae II - OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast.
Pentest_lab - Local penetration testing lab using docker-compose.
Contributions welcome! Read the contribution guidelines first.
To the extent possible under law, vavkamil has waived all copyright and related or neighboring rights to this work.