The OWASP Vulnerable Web Applications Directory Project (VWAD, https://owasp.org/www-project-vulnerable-web-applications-directory/) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
The individual collections are available via separate tabs on: https://owasp.org/www-project-vulnerable-web-applications-directory/
Just open a PR modifying the JSON file.
Please keep the file sorted by name. You can use this online tool to assist you: https://codeshack.io/json-sorter/. Entries should conform to the schema and are validated automatically during PR handling. You can also use this online service to check before submitting.
Since 20200331 they are automatically copied/deployed to the www-project-vulnerable-web-applications-directory repo, from which they are rendered on the owasp.org website.
