junghanlee

followers

following

stars

jh's repositories

awesome-vulnerable

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

MIT000

Benchmark

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.

Language:JavaGPL-2.0000

bwapp

an extremely buggy web app !

Language:PHP003

dvja

Damn Vulnerable Java (EE) Application

Language:JavaMIT000

dvna

Damn Vulnerable NodeJS Application

Language:CSSMIT000

dvpwa

Damn Vulnerable Python Web App

Language:PythonMIT000

DVWA

Damn Vulnerable Web Application (DVWA)

Language:PHPGPL-3.0000

ecsdemo-nodejs

Part 3 of a 4 part ECS workshop

Language:ShellMIT000

gg_test_public_event_repo

gitguardian_poc2

010

gg_test_repo

gitguardian_POC

000

KaiMonkey

KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.

Language:HCLApache-2.0000

kube-goat

A deliberately vulnerable Kubernetes cluster

000

oss2018

Open Security Summit 2018

000

OWASPWebGoatPHP

A deliberately vulnerable web application for learning web application security.

Language:PHPApache-2.0000

shiftleft-go-demo

000

shiftleft-java-demo

Language:JavaMIT000

shiftleft-python-demo

Language:Python000

shiftleft_test

Language:JavaMIT000

terraform-aws-secure-baseline

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

MIT000

terraform-examples

Simple and idiomatic examples of various Terraform functions and features.

Language:HCL000

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Language:HCLApache-2.0000

vulnado

Purposely vulnerable Java application to help lead secure coding workshops

Language:JavaNOASSERTION000

vulnerability-java-samples

Sample exploits of common vulnerabilities in Java librarires

GPL-3.0000

vulnerable-app

A sample web application using Node.js, Express and Angular that is vulnerable to common security vulnerabilities.

000

vulnerable-node

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

Language:JavaScriptNOASSERTION000

Vulnerable-Web-Application

OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber

Language:PHPGPL-3.0000

VulnerableApp

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

Language:JavaApache-2.0000

vulpy

Vulnerable Python Application To Learn Secure Development

MIT000