Vulnerable webapp testbed
-
Updated
May 11, 2016 - Java
#
intentionally-vulnerable
Here are 11 public repositories matching this topic...
SQL injection testbed designed for sqlmap practice (MySQL backend)
-
Updated
Feb 27, 2018 - PHP
Vulnerable REST based PHP webservice deployed in Docker
-
Updated
Feb 2, 2020 - CSS
Intentionally vulnerable JavaScript Code Snippets which are intended to benchmark Static Application Security Testing tools.
-
Updated
Mar 2, 2025 - JavaScript
VWA (vulnerable web applications) for SSJI, implemented in NodeJS and ExpressJS
-
Updated
Nov 24, 2022 - EJS
Intentionally vulnerable dApp for learning blockchain and smart contract security.
-
Updated
Mar 30, 2018 - JavaScript
A deliberately vulnerable web application exhibiting an unrestricted file upload vulnerability.
-
Updated
Apr 13, 2024 - CSS
A deliberately vulnerable web application exhibiting a simple password exposure vulnerability.
-
Updated
Apr 13, 2024 - PHP
A simple Django contact form with an intentional validation flaw
-
Updated
Feb 5, 2021 - Python
A deliberately vulnerable web application exhibiting a HTML injection vulnerability.
-
Updated
Apr 13, 2024 - CSS
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
-
Updated
Mar 27, 2025 - HCL
Improve this page
Add a description, image, and links to the intentionally-vulnerable topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the intentionally-vulnerable topic, visit your repo's landing page and select "manage topics."