There are 2 repositories under vulnerable-apps topic.
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
A simple PHP application to learn SQL Injection detection and exploitation techniques.
Capture the flag challenges
AzureGenerat0r, a tool for automated generation and configuration of test environments in Microsoft Azure
Repository for code, PoCs and others for "Security development for Muggles"
Dataset with 54k vulnerable ELF executables, compiled from C sources and targetting i386 🗂️