29 results for “topic:vulnerable-app”
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Best hands-on lab for learning the fundamentals of cybersecurity and penetration testing workflows, also packaged as Docker containers for fast, safe setup.
Sample vulnerable code and its exploit code
Damn Vulnerable Java (EE) Application
Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-HTTP thick clients. It is written in Java (with a JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
VyAPI - A cloud based vulnerable hybrid Android App
Conviso Vulnerable Web Application is the OSS project from Conviso Application Security for the community. The project represents a vulnerable web application to practice security testing and improve your learning in AppSec.
gRPC Goat is a "Vulnerable by Design" lab created to provide an interactive, hands-on playground for learning and practicing gRPC security.
Examples of different vulnerabilities, in a variety of languages, shapes and sizes.
📧 [Research] E-Mail Injection: Vulnerable applications
Web Application Pentesting Lab with more than 40 vulnerabilities, covering all the OWASP Top 10 issues.
An intentionally vulnerable AI chatbot to learn and practice AI Security.
OWASP Foundation Web Repository
This is a collection of vulnerable machines that can help you to learn hacking, pentesting and bug hunting. I know there are a lot of lists out there, but most of them are not updated regularly. So I decided to make one myself. Hope this will help you.
Several snippets of vulnerable code in different programming languages.
File Content Disclosure on Rails Test Case - CVE-2019-5418
IOTgoat is a vulnerable firmware made by the OWASP project. This is a custom-made version of the 'IOTgoat firmware' built for the A5-V11 mini 3G router. This branch brings the vulnerable IoT firmware back to a real IoT device, for a more realistic experience of IoT device exploitation on a budget.
Sample Spring API for testing
Another vulnerable application for practicing web penetration testing.
Web/API, AI/LLM/MCP, and Web3/Blockchain security labs; Android/iOS/Windows/macOS platforms plus PHP/Java/Node.js/Python stacks; Cloud/Kubernetes, AD, IoT/ICS, CTF, and other specialized domains. Continuously maintained collection of related resources.
Intentionally insecure RAG demo for security testing. Test target for LLM Production Safety Scanner. DO NOT deploy publicly.
Deliberately vulnerable REST API for OWASP Top 10 (2023) security testing and learning.
A live simulation environment featuring a deliberately vulnerable web app and an automated traffic generator for testing Web Application Firewalls (WAF).
Intentionally vulnerable JavaScript/Express app for testing security remediation tools - 217+ vulnerabilities
Intentionally vulnerable grading system for cybersecurity education and penetration testing - contains 12+ intentional web vulnerabilities (SQL Injection, XSS, Path Traversal, Command Injection, etc.)
Intentionally vulnerable TypeScript/Express app for testing security remediation tools - 212+ vulnerabilities
🐐 Explore EntraGoat, a deliberately vulnerable Microsoft Entra ID environment for security training that simulates real-world misconfigurations and attack scenarios.
🚀 Master Kubernetes in 14 days with clear lessons, diagrams, examples, and hands-on exercises designed for beginners.
Intentionally vulnerable Node.js REST API for benchmarking SAST, SCA, and code quality tools. Contains 30 real, functional issues across Critical/High/Medium/Low severities covering SQL injection, command injection, path traversal, IDOR, hardcoded secrets, and more. Not for production use.