The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Switch branches/tags
Nothing to show
Clone or download
Latest commit 756c126 Aug 3, 2018
Permalink
Failed to load latest commit information.
bin Adopt scripts to new paths Jul 10, 2017
dist Empty working directories created Nov 19, 2013
src/owasp-wiki Format adjustments Jul 18, 2018
.gitignore Fix tabs Dec 13, 2016
LICENSE Initial commit Oct 21, 2013
README.md README Interim Update Aug 4, 2017

README.md

OWASP-VWAD OWASP Incubator

The OWASP Vulnerable Web Applications Directory Project (VWAD, https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

Note: The data format of the collection files is currently being changed. The project is moving away from tsv to JSON. New JSON files are in place and should be updated when adding new projects/content. The *.tsv files have been deprecated.

The new raw data for the project is held in the /src/owasp-wiki/*.json files. The deprecated tsv files are located in /src/owasp-wiki/deprecated/*.tsv.

The full OWASP wiki source code is available at https://www.owasp.org/index.php?title=OWASP_Vulnerable_Web_Applications_Directory_Project&action=edit.

The individual five wiki source code pages are available at:

Recreate the tsv files from the OWASP wiki pages

  • Copy the five wiki source code pages into the src/owasp-wiki/ directory, using the following filenames: Online.wiki, Offline.wiki, OfflineOld.wiki, VMs.wiki, and VMsOld.wiki.
  • Run the python bin/owasp-wiki-to-tsv.py script

Regenerate the OWASP wiki pages after updating the tsv files

  • Run the python bin/tsv-to-owasp-wiki.py script
  • Update the five OWASP wiki pages with the contents of the new files available at dist/: Online.wiki, Offline.wiki, OfflineOld.wiki, VMs.wiki, and VMsOld.wiki.

Example to add a new entry via the tsv files (e.g. to the offline category)

  • Add the new entry for the new vulnerable application to the corresponding .tsv file (e.g. offline.tsv) under ./src
  • Use git to submit a pull request (or commit the changes) from the modified .tsv file to this GitHub project

Optional

  • Run the python bin/tsv-to-owasp-wiki.py script from the main project directory
  • This will generate all the .wiki files from the .tsv files under ./dist
  • Copy the contents of the corresponding .wiki file (e.g. Offline.wiki) to the official Wiki page of the OWASP VWAD project
    • IMPORTANT: Do not forget that the .wiki file does not include the header and the trailer used by the Wiki page to create the table. Simply, copy and paste the contents inside the current table.
  • (Optional) You can delete the contents of the ./dist directory after copying them to the Wiki