This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP Vulnerable Web Applications Directory Project/Pages/Online

Jump to: navigation, search
App Name / Link Technology Author Notes
Acuart PHP Acunetix Art shopping
Acublog .NET Acunetix Blog
Acuforum ASP Acunetix Forum
Altoro Mutual IBM/Watchfire (jsmith/Demo1234)
BGA Vulnerable BANK App .NET BGA Security
Crack Me Bank Trustwave
Enigma Group Enigma Group
Gruyere Python Google
Firing Range Google Source code
Hackademic Challenges Project PHP - Joomla OWASP
Hacker Challenge PCTechtips
Hackazon AJAX, JSON, XML, GwT, AMF NTObjectives Project page
Hacking Lab Hacking Lab eLearnSecurity Beta
HackThisSite HackThisSite Basic & Realistic (web) Missions
hackxor First 2 levels online (algo/smurf), rest offline
Juice Shop Javascript OWASP Demo instance. Do not use for massive attacks/scans!
Netsparker Test App .NET ASP.NET Netsparker
Netsparker Test App PHP PHP Netsparker
Pentester Academy
Security Tweets Acunetix HTML5
Vicnum Project Perl & PHP
Web Scanner Test Site NTOSpider (testuser/testpass)
XSS Test Suite
Zero Bank HP/SpiDynamics (admin/admin)