SuperSteelBlue's repositories
docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
leastauthority.com
Least Authority S4
keywhiz
A system for distributing and managing secrets
WebGoat
WebGoat 8.0
railsgoat
A vulnerable version of Rails that follows the OWASP Top 10
js-vuln-db
A collection of JavaScript engine CVEs with PoCs
juice-shop
OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws.
NodeGoat
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
igoat
OWASP iGoat - A Deliberately Insecure iOS Application by Swaroop Yermalkar
JavaSecurity
Java web and command line application projects for different security topics
VulnerableSpring
Vulnerable Java based Web Application
JavaVulnerableLab
Vulnerable Java based Web Application
bodgeit
The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
commix-testbed
A collection of web pages, vulnerable to command injection flaws.
dvna
Damn Vulnerable NodeJS Application
xvwa
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
hackazon
A modern vulnerable web app
AltoroJ
WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.
lets-be-bad-guys
A deliberately-vulnerable website and exercises for teaching about the OWASP Top 10
WackoPicko
WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
node.nV
Intentionally Vulnerable node.js application
sqli-labs
SQLI labs to test error based, Blind boolean based, Time based.
vulnerable-app
A sample web application using Node.js, Express and Angular that is vulnerable to common security vulnerabilities.
jquery-tiny-pubsub
A really, really, REALLY tiny pub/sub implementation for jQuery.
terracotta-bank
A darned-vulnerable Java web application - For educating on and practicing secure Java coding techniques
node-hack
A vulnerable nodejs application for hollywood-style hacking demos