This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP SamuraiWTF Project

Jump to: navigation, search
OWASP Project Header.jpg

Project About

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP SamuraiWTF
Purpose: The Samurai Web Testing Framework is a virtual machine and vagrant project focused on web application training and testing.
License: GNU GPL v3
who is working on this project?
Project Leader(s):
  • Kevin Johnson @
  • Jason Gillam @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: N/A
Project Roadmap: Not Yet Created
Key Contacts
  • Contact Kevin Johnson @ to contribute to this project
  • Contact Kevin Johnson @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases

SamuraiWTF Project

The SamuraiWTF Project is a virtual machine that is designed to provide a safe training environment for application security testing.


SamuraiWTF (Web Training and Testing Framework) is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing and training environment. We have built the environment using Vagrant and Ansible to provide the easiest and most cross-platform mechanism to build and enhance the environment.

SamuraiWTF is built with one primary goal, Training. The environment contains a series of vulnerable applications and the tools necessary to learn how to assess various security risks.


The scripts and resources belonging to this project itself are licensed under the GNU Public License version 3 (GPL3). All software loaded into the VM, including the tools, targets, utilities, and operating system itself retain their original license agreements.


The highest priorities for the next 6 months</strong> are:

  • Continue adding target environments
  • Add more tools for API and mobile testing
  • Incorporate the mobile and container testing trainings

Getting Involved

Contributors are very welcome and the contribution process is standard:

  • fork this project
  • make your contribution
  • submit a pull request

Substantial or Regular contributors may also be brought in as full team members. This includes those who have made substantial contributions to previous versions of SamuraiWTF with the assumption they will continue to do so.

Project Resources

Source Code

Related vulnerable app collection

Project Leaders

Kevin Johnson
Jason Gillam

Related Projects


Project Type Files CODE.jpg
Incubator Project Owasp-builders-small.png
Affero General Public License 3.0