A Broken Application - Very Vulnerable!

Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

An example of a mis-configured Rails application release under MIT license.

Proof of concept code for Datadog Security Labs referenced exploits.

Web attack vectors collection

Ruby on Rails application like RailsGoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

A vulnerable version of Rails that follows the OWASP Top 10

A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.

a Damn Vulnerable Serverless Application

GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

A vulnerable server to practice pen testing.

This is the LLM integration app that contains the vulnerability; please use it to verify the vulnerability of the LLM integration app.

A Game of Hackers (CTF Scoreboard & Game Manager)

Vulnerable Terraform Projects - Fork of https://github.com/bridgecrewio/terragoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into product…