Vulnerable app with examples showing how to not use secrets
翻译 - 有关如何不使用机密的示例
Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
⚠️ This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory
#安全#OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
#安全#A simple PHP application to learn SQL Injection detection and exploitation techniques.
Vulnerable API for research and education
The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
A server vulnerable to XXE that can be used to test payloads using the xxer tool.
docker-compose bringing up multiple vulnerable applications inside containers.
This project is a vulnerable web application to practice on. It is designed for educational purposes to help security enthusiasts and developers understand and mitigate common web vulnerabilities.
📧 [Research] E-Mail Injection: Vulnerable applications
WebSafeHub - Vulnerable Web App
#安全#Vulnerable Web application made with PHP/SQL designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. Containing some of the most well-known vuln...
Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021
This is a collection of vulnerable machines that can help you to learn hacking, pentesting and bug hunting. I know there are a lot of lists out there, but most of them are not updated regularly. So I ...
A website developed with Nodejs. This website includes server side prototype pollution vulnerability