vulnerablecorporation Goto Github PK

bodgeit

The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.

caponeme

Repository demonstrating the Capital One breach on your AWS account

cdkgoat

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

cfngoat

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

cicd-goat

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

commix-testbed

A collection of web pages, vulnerable to command injection flaws.

cryptomg

CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.

dvca

Damn Vulnerable Cloud Application

dvna

Damn Vulnerable NodeJS Application

dvwa

Damn Vulnerable Web Application (DVWA)

dvws

Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities. NOTE: This project is out of date, please use https://github.com/snoopysecurity/dvws-node

firing-range

hackademic

the main hackademic code repository

hackazon

A modern vulnerable web app

juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

log4shell-vulnerable-app

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

mcir

The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.

mutillidae

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

sentineltestbed

Vulnerable web site. Used to test sentinel features.

sqli-labs

SQLI labs to test error based, Blind boolean based, Time based.

sqlilabs

Lab set-up for learning SQL Injection Techniques

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

vulnerable-node

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

vulnerableapp

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

vulnlab

wackopicko

WackoPicko is a vulnerable web application used to test web application vulnerability scanners.

webgoat

WebGoat is a deliberately insecure application

webgoat.net

OWASP WebGoat.NET