Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

Topic: "vulnerable-application"

roottusk/vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

Language: HTML - Size: 23.8 MB - Last synced at: about 14 hours ago - Pushed at: 4 months ago - Stars: 1,249 - Forks: 316

rewanthtammana/Damn-Vulnerable-Bank

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Language: Java - Size: 37.9 MB - Last synced at: 8 days ago - Pushed at: over 1 year ago - Stars: 695 - Forks: 204

oversecured/ovaa

Oversecured Vulnerable Android App

Language: Java - Size: 138 KB - Last synced at: about 1 month ago - Pushed at: 10 months ago - Stars: 686 - Forks: 186

SasanLabs/VulnerableApp

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

Language: Java - Size: 41.4 MB - Last synced at: about 2 hours ago - Pushed at: 6 months ago - Stars: 324 - Forks: 489

logicalhacking/DVHMA

Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.

Language: JavaScript - Size: 11.7 MB - Last synced at: about 1 month ago - Pushed at: over 6 years ago - Stars: 263 - Forks: 58

oversecured/OversecuredVulnerableiOSApp

Oversecured Vulnerable iOS App

Language: Swift - Size: 159 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 165 - Forks: 37

incredibleindishell/sqlite-lab

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

Language: PHP - Size: 8.12 MB - Last synced at: 3 days ago - Pushed at: over 3 years ago - Stars: 159 - Forks: 32

HTBridge/pivaa

Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.

Language: Java - Size: 3.83 MB - Last synced at: about 2 months ago - Pushed at: almost 5 years ago - Stars: 107 - Forks: 65

Warxim/vucsa

Vulnerable Client-Server Application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface).

Language: Java - Size: 121 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 78 - Forks: 26

jaiswalakshansh/Vuldroid

Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code

Language: Java - Size: 17.5 MB - Last synced at: 8 days ago - Pushed at: over 3 years ago - Stars: 64 - Forks: 19

JOSHUAJEBARAJ/GCP-GOAT

GCP GOAT is the vulnerable application for learn the GCP Security

Language: TypeScript - Size: 35.8 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 54 - Forks: 21

SasanLabs/VulnerableApp-facade

VulnerableApp-facade is probably most modern lightweight distributed farm of Vulnerable Applications built for handling wide range of vulnerabilities across tech stacks.

Language: TypeScript - Size: 6.77 MB - Last synced at: 24 days ago - Pushed at: over 1 year ago - Stars: 47 - Forks: 52

Aif4thah/VulnerableLightApp

Vulnerable API for research and education

Language: C# - Size: 122 KB - Last synced at: 3 days ago - Pushed at: 15 days ago - Stars: 44 - Forks: 69

arall/vulnerabilities

Examples of different vulnerabilities, in a variety of languages, shapes and sizes.

Language: HTML - Size: 5.13 MB - Last synced at: 7 days ago - Pushed at: about 1 year ago - Stars: 28 - Forks: 16

codingo/cracknet

A .net Crackme Challenge made for the SecTalks Brisbane 2017 Capture the Flag Event. Writeup/solution included.

Language: C# - Size: 162 KB - Last synced at: 7 days ago - Pushed at: over 7 years ago - Stars: 23 - Forks: 11

sec4you/VulnLabs

docker-compose bringing up multiple vulnerable applications inside containers.

Size: 2.93 KB - Last synced at: 11 days ago - Pushed at: over 7 years ago - Stars: 18 - Forks: 3

SVelizDonoso/wingkalabs

Wingkalabs (Linux) Wingkalabs es una máquina Virtual Linux intencionalmente vulnerable. Esta máquina virtual se puede utilizar para realizar entrenamientos de seguridad, probar herramientas de seguridad y practicar técnicas comunes de pruebas de penetración.

Size: 18.6 KB - Last synced at: about 2 years ago - Pushed at: about 7 years ago - Stars: 16 - Forks: 6

OWASP/www-project-vulnerable-flask-app

OWASP Foundation Web Respository

Language: HTML - Size: 9.77 KB - Last synced at: about 1 year ago - Pushed at: over 2 years ago - Stars: 12 - Forks: 8

appsecco/owasp-webgoat-dot-net-docker

Docker container for running OWASP WebGoat.NET application

Size: 122 KB - Last synced at: about 2 years ago - Pushed at: almost 7 years ago - Stars: 10 - Forks: 9

vvmlist/vvmlist.github.io

vvmlist is a list of vulnerable vms with key techniques used on them to solve.

Language: SCSS - Size: 15.4 MB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 9 - Forks: 3

lobuhi/lobuhi.github.io Fork of IppSec/ippsec.github.io

Rebujito is a fork of IppSec.Rocks and serves as a repo for hacking tools and other resources such as vulnerable apps, cheatsheets or methodologies.

Language: JavaScript - Size: 14.4 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 8 - Forks: 1

m3ssap0/wordpress-really-simple-security-authn-bypass-vulnerable-application

WARNING: This is a vulnerable application to test the exploit for the Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924). Run it at your own risk!

Language: Dockerfile - Size: 9.77 KB - Last synced at: about 1 month ago - Pushed at: 6 months ago - Stars: 7 - Forks: 0

videvelopers/Vulnerable-Flask-App

This is a vulnerable Flask web application designed to provide a lab environment for people who want to improve their web penetration testing skills. It includes multiple types of vulnerabilities for you to practice exploiting.

Language: Python - Size: 23.4 KB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 7 - Forks: 15

naryal2580/vfapi

Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021

Language: Python - Size: 783 KB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 6 - Forks: 5

yusufarbc/DockerVuln

A TUI enviorment for vulnerable app containers.

Language: Shell - Size: 49.8 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 4 - Forks: 2

logicalhacking/DVGM

Vulnerable Grade Management System

Language: Ruby - Size: 95.7 KB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 3 - Forks: 9

mleblebici/Vulnerable-Cassandra-App

testcases developed for research

Language: HTML - Size: 6.84 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 0

irvinlim/vulnerability-testbeds

Bootstrap various intentionally vulnerable web apps with Docker Compose

Size: 6.84 KB - Last synced at: about 2 years ago - Pushed at: over 7 years ago - Stars: 3 - Forks: 1

m3ssap0/wordpress-jetpack-broken-access-control-vulnerable-application

WARNING: This is a vulnerable application to test the exploit for the Jetpack < 13.9.1 broken access control (CVE-2024-9926). Run it at your own risk!

Language: Dockerfile - Size: 15.6 KB - Last synced at: about 1 month ago - Pushed at: 6 months ago - Stars: 2 - Forks: 0

anir0y/vwa_docker

vulnerable web application

Language: PHP - Size: 111 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 2 - Forks: 2

qwqoro/Mail-Injection

📧 [Research] E-Mail Injection: Vulnerable applications

Language: HTML - Size: 4.51 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 2 - Forks: 0

sec-zone/vuln_app

Another vulnerable application for practicing web penetration testing.

Language: Python - Size: 117 KB - Last synced at: about 1 year ago - Pushed at: over 4 years ago - Stars: 2 - Forks: 3

dr34mhacks/operation-file-hunt

A vulnerable lab for understanding difference between LFI and File Retrieval

Language: PHP - Size: 18.6 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 1 - Forks: 1

m3ssap0/cacti-rce-cve-2022-46169-vulnerable-application

WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2022-46169). Run it at your own risk!

Language: PHP - Size: 90.8 KB - Last synced at: 2 months ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 2

th3r4ven/XSS-WEB-APP

Language: Python - Size: 2.33 MB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 2

bocajspear1/manatee-bank-web-app

Vulnerable web app made for CNY Hackathon

Language: PHP - Size: 315 KB - Last synced at: about 1 year ago - Pushed at: about 5 years ago - Stars: 1 - Forks: 7

0x4F776C/Vulnerable-Binaries

Repository for Vulnerable Binaries

Size: 174 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 1

bnreplah/verademo Fork of veracode/verademo

A deliberately insecure Java web application

Language: Java - Size: 14.6 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 2

m3ssap0/cacti-rce-snmp-options-vulnerable-application

WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2023-39362). Run it at your own risk!

Language: PHP - Size: 41 KB - Last synced at: 2 months ago - Pushed at: 7 months ago - Stars: 0 - Forks: 0

Sn1r/DIBBA

DIBBA is an intentionally vulnerable Android application that makes the process of learning about Android Building Blocks more fun and interactive. Each activity contains a different CTF challenge

Language: Java - Size: 110 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

michealkeines/Vulnerable-API

The Vulnerable API Python Application is a purposely flawed Python app that uses Flask, Jinja, and SQLite3. It contains intentional security vulnerabilities like XSS, SQLi, HHI, LFI, RFI, and SSTI. The project aims to serve as an educational tool to learn about and test automated API scanners. Use responsibly in controlled environments only.

Language: Python - Size: 5.86 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

UsagiB4/Vulnerable-Machines-for-Pentesting-and-Hacking

This is a collection of vulnerable machines that can help you to learn hacking, pentesting and bug hunting. I know there are a lot of lists out there, but most of them are not updated regularly. So I decided to make on myself. Hope this will help you

Size: 2.93 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

aajuvonen/log4stdin

A Java application intentionally vulnerable to CVE-2021-44228

Language: Java - Size: 42 MB - Last synced at: almost 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 2

ShiftLeftSecurity/zipdu

zipdu is a webservice implementation vulnerable to zip bombs and directory traversals. Written in multiple different languages

Language: C++ - Size: 1.55 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 1

anil-yelken/OWASP-Istanbul-Vulnerable-Flask-App

OWASP Istanbul - Vulnerable Flask App

Size: 1.2 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

digilant-demo/Vulnerable-Web-Application Fork of OWASP/Vulnerable-Web-Application

OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber

Size: 854 KB - Last synced at: about 2 years ago - Pushed at: almost 4 years ago - Stars: 0 - Forks: 1

webmip/b374k Fork of b374k/b374k

PHP Webshell with handy features

Language: CSS - Size: 2.41 MB - Last synced at: 6 months ago - Pushed at: over 8 years ago - Stars: 0 - Forks: 2

TheCJGCJG/CJFreedom-Panel 📦

The open source version of the CJFreedom Panel

Language: PHP - Size: 19.4 MB - Last synced at: almost 2 years ago - Pushed at: about 11 years ago - Stars: 0 - Forks: 4

Related Topics
vulnerable 11 vulnerable-web-app 11 security 9 docker 7 vulnerable-web-application 7 owasp-top-10 7 python 6 vulnerable-app 6 owasp 6 vulnerability 5 appsec 5 ctf 4 hacking 4 flask 4 hacktoberfest 4 vulnerable-container 4 vulnerabilities 4 pentesting 4 application-security 4 android-security 3 mobile-security 3 php 3 ctf-challenges 3 android 3 command-injection 3 docker-compose 3 vulnerable-flask-app 3 penetration-testing 3 rce 3 xss 2 injection 2 android-application 2 bugbounty 2 owasp-zap 2 reverse-engineering 2 cacti 2 vulnerable-android-apps 2 api 2 owasp-top-ten 2 rest-api 2 sql 2 vulnerable-api 2 wordpress 2 challenges 2 research 2 webgoat 2 capture-the-flag 2 cve-2023-39362 1 cve-2024-10924 1 flask-application 1 binary 1 really-simple-security 1 authentication-bypass 1 cybersecurity-education 1 cve-2022-46169 1 appsec-tutorials 1 xss-poc 1 damn-vulnerable-bank 1 infosec 1 broken-access-control 1 cve-2024-9926 1 jetpack 1 lfi 1 lfi-exploitation 1 security-audit 1 sql-injection 1 sqlite-injection 1 sqlite-lab 1 challenge 1 ctf-solutions 1 ctf-writeups 1 decompile 1 ida 1 radare2 1 writeup 1 cors 1 exercises 1 hacktoberfest-accepted 1 postman 1 burpsuite 1 css 1 java 1 javascript 1 learn-security 1 payload-testing 1 practice-hacking 1 spring-boot 1 test-vulnerability-scanning-tools 1 vulnerability-scanning 1 software-security 1 database 1 hackmyvm 1 hackthebox 1 vulnhub 1 vulnlab 1 cybersecurity-training 1 dotnet 1 educational-project 1 hacking-challenge 1 hacking-competitions 1