vulnerable-application

Here are 51 public repositories matching this topic...

roottusk / vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

api docker php cors owasp postman exercises bugbounty appsec hacktoberfest vulnerable-application owasp-top-10 owasp-top-ten appsec-tutorials apitop10 hacktoberfest-accepted

Updated Jan 10, 2025
HTML

oversecured / ovaa

Star

Oversecured Vulnerable Android App

android-security mobile-security appsec vulnerable-application vulnerable-android-apps

Updated Jul 18, 2024
Java

rewanthtammana / Damn-Vulnerable-Bank

Star

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

android security hacking infosec application-security pentesting android-security hacktoberfest vulnerable-application vulnerable-android-apps damn-vulnerable-bank

Updated Dec 13, 2023
Java

SasanLabs / VulnerableApp

Star

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

javascript css java spring-boot owasp vulnerability appsec hacktoberfest owasp-zap burpsuite vulnerable-application vulnerability-scanning payload-testing learn-security test-vulnerability-scanning-tools practice-hacking

Updated Nov 11, 2024
Java

logicalhacking / DVHMA

Star

Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.

android cordova vulnerability vulnerable-application

Updated Aug 22, 2018
JavaScript

oversecured / OversecuredVulnerableiOSApp

Star

Oversecured Vulnerable iOS App

security ios mobile-security ios-security appsec vulnerable-application vulnerable-ios-apps

Updated Jan 10, 2024
Swift

incredibleindishell / sqlite-lab

Star

This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/

security-audit sql-injection pentesting sqlite-lab vulnerable-application sqlite-injection

Updated Dec 9, 2021
PHP

HTBridge / pivaa

Star

Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.

android-application mobile-security vulnerable-application

Updated May 27, 2020
Java

Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.

Updated Sep 9, 2023
Java

jaiswalakshansh / Vuldroid

Sponsor

Star

Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code

android-application application-security deeplink android-security vulnerable-application webview-xss

Updated Sep 18, 2021
Java

JOSHUAJEBARAJ / GCP-GOAT

Star

GCP GOAT is the vulnerable application for learn the GCP Security

google gcp vulnerable-application cloud-security kubernetes-security

Updated May 20, 2025
TypeScript

R3dShad0w7 / PromptMe

Star

PromptMe is an educational project that showcases security vulnerabilities in large language models (LLMs) and their web integrations. It includes 10 hands-on challenges inspired by the OWASP LLM Top 10, demonstrating how these vulnerabilities can be discovered and exploited in real-world scenarios.

owasp vulnerable-application owasp-top-10 ai-security llm prompt-injection vulnerable-llm-application ai-security-testing prompt-injection-llm-security prompt-injection-defense llm-red-teaming llm-top10

Updated Jun 29, 2025
Python

SasanLabs / VulnerableApp-facade

Star

VulnerableApp-facade is probably most modern lightweight distributed farm of Vulnerable Applications built for handling wide range of vulnerabilities across tech stacks.

react docker nginx lightweight typescript lua docker-compose gateway proxy-server openresty hacktoberfest owasp-zap vulnerable-application vulnerable-web-application sasanlabs distributed-vulnerable-application

Updated Dec 4, 2023
TypeScript

Aif4thah / VulnerableLightApp

Sponsor

Star

Vulnerable API for research and education

Updated May 22, 2025
C#

arall / vulnerabilities

Star

Examples of different vulnerabilities, in a variety of languages, shapes and sizes.

security vulnerability vulnerabilities vulnerable vulnerable-application sast dast vulnerable-app

Updated Mar 7, 2024
HTML

codingo / cracknet

Star

A .net Crackme Challenge made for the SecTalks Brisbane 2017 Capture the Flag Event. Writeup/solution included.

challenge security reverse-engineering challenges ctf-writeups ida decompile ctf capture-the-flag vulnerable radare2 writeup vulnerable-application ctf-solutions ctf-challenges

Updated Oct 2, 2017
C#

SVelizDonoso / wingkalabs

Star

Wingkalabs (Linux) Wingkalabs es una máquina Virtual Linux intencionalmente vulnerable. Esta máquina virtual se puede utilizar para realizar entrenamientos de seguridad, probar herramientas de seguridad y practicar técnicas comunes de pruebas de penetración.

linux virtual-machine linux-kernel injection hacking pentesting ubuntu1404 vulnerable-application sistemas-operativos