A fully functional Android app built entirely with Kotlin and Jetpack Compose

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

WebGoat is a deliberately insecure application

intentionally vuln web Application Security in django

Jenkins automation server

Super vulnerable todo list application

The Free Software Media System

OpenEMR is the most popular open source electronic health records and medical practice management solution. OpenEMR's goal is a superior alternative to its proprietary counterparts.

CTFs as you need them

Free Open Source Document Management System (mirror, no pull request or issues)

Certificate authority and access plane for SSH, Kubernetes, web apps, databases and desktops

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into product…

COVID-19 App

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Automate the creation of a lab environment complete with security tooling and logging best practices

CiviCRM (Core Application and Framework)

Collaborative Passwords Manager

Spirit is a modern Python based forum built on top of Django framework

FOLIO mod-circulation

A CMS framework for Node.js that supports in-context editing, schema-driven content types, flexible widgets, and much more. Hint: start with the docs and use apostrophe-cli.

Collection of library stubs for Python, with static types

Zulip server - powerful open source team chat

Repo for all the OWASP-SKF Docker lab examples

SQL 审核查询平台

Clone of OWASP Benchmark Project (Java) where all test cases have a dedicated directory more easy to manage by a human.

DNN (formerly DotNetNuke) is the leading open source web content management platform (CMS) in the Microsoft ecosystem.

Bandit is a tool designed to find common security issues in Python code.