xvwa
Vulnerability simulator
A training tool to help security enthusiasts learn web application security vulnerabilities and weaknesses by practicing on a deliberately flawed web application.
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
2k stars
81 watching
338 forks
Language: PHP
last commit: about 4 years ago
Linked from 3 awesome lists
application-securityknowledgelearning-appsecmysqlphpvulnerabilityxvwa
onlurking/awesome-infosec
joe-shenouda/awesome-cyber-skills
vavkamil/awesome-vulnerable-appsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 aif4thah/vulnerablelightapp | A vulnerable backend application designed to be hacked and used for educational purposes | 30 |
 yavuzlar/vulnlab | An open-source web application testing lab designed to simulate various web vulnerabilities. | 385 |
 appsecco/dvna | A tool to demonstrate common vulnerabilities in web applications and provide guidance on fixing them. | 706 |
 mihir-shah99/vulndroid | An Android app designed to demonstrate common web application vulnerabilities and provide training in secure coding practices. | 10 |
 roottusk/vapi | An API simulator designed to test and demonstrate common web application security vulnerabilities | 1,177 |
 0c34/govwa | A vulnerable web application designed to simulate common web vulnerabilities for educational purposes. | 175 |
 webpwnized/mutillidae | A deliberately vulnerable web application providing a controlled environment for learning and practicing web security skills. | 1,267 |
 qazbnm456/vwgen | Automates the creation of vulnerable web applications for testing and security research purposes. | 84 |
 owasp/webgoat.net | A penetration testing tool designed to simulate real-world web application vulnerabilities. | 69 |
 peco602/dvwassl | An SSL-enabled web application used to test web security vulnerabilities and simulate a production environment. | 5 |
 interference-security/dvws | An OWASP vulnerable web application demonstrating various security vulnerabilities using WebSockets | 342 |
 digininja/dvwa | A web application designed to simulate vulnerabilities and aid in security testing | 10,292 |
 mushorg/glastopf | A Python-based web application honeypot that simulates common web application vulnerabilities to detect and analyze potential threats. | 561 |
 mpirnat/lets-be-bad-guys | An educational project simulating common web app vulnerabilities for teaching security best practices | 185 |
 geosn0w/myriam | An iOS application designed to provide security challenges and vulnerabilities for researchers to study and analyze | 254 |