WebGoat
Vulnerability simulator
An intentionally flawed web application used to teach security lessons and demonstrate common vulnerabilities.
WebGoat is a deliberately insecure application
7k stars
210 watching
6k forks
Language: JavaScript
last commit: 12 months ago
Linked from 4 awesome lists
vitalysim/awesome-hacking-resources
onlurking/awesome-infosec
vavkamil/awesome-vulnerable-apps
guardrailsio/awesome-java-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 jerryhoff/webgoat.net | An educational web application designed to demonstrate common web security flaws and their countermeasures. | 226 |
 owasp/nodegoat | An environment to learn about OWASP Top 10 security risks in Node.js web applications | 1,895 |
| owasp/iotgoat | A deliberately insecure firmware designed to test common vulnerabilities in IoT devices | 717 |
| owasp/webgoat.net | A penetration testing tool designed to simulate real-world web application vulnerabilities. | 69 |
| owasp/igoat-swift | A Damn Vulnerable iOS Application for Learning Exploitation and Defense | 414 |
 rhinosecuritylabs/cloudgoat | An AWS deployment tool designed to provide intentionally vulnerable cloud infrastructure for hands-on learning and penetration testing. | 2,991 |
 scriptingxss/iotgoat | A deliberately insecure firmware project designed to test common IoT vulnerabilities | 181 |
| owasp/railsgoat | A vulnerable Ruby on Rails application designed to educate developers about common web security vulnerabilities. | 872 |
 xmendez/wfuzz | A tool to automatically generate and test web application inputs for security vulnerabilities | 5,978 |
 digininja/dvwa | A web application designed to simulate vulnerabilities and aid in security testing | 10,423 |
 bridgecrewio/terragoat | A training project that demonstrates how common configuration errors can be introduced into cloud infrastructure to test secure development best practices | 1,159 |
 ine-labs/gcpgoat | A vulnerable cloud infrastructure demonstrating common web application security risks and misconfigurations | 364 |
| owasp/go-scp | A comprehensive guide to secure coding practices for the Go programming language | 4,881 |
| owasp/nettacker | Automated tool for identifying vulnerabilities and gathering information about network services and systems. | 3,700 |
 tenable/cnappgoat | A tool for creating and managing vulnerable environments in cloud computing platforms. | 269 |