This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Vulnerable Web Applications Directory Project/Pages/Offline"

From OWASP
Jump to: navigation, search
(Vulnerable Web Application Project added)
m (Added Alert Labs)
 
Line 6: Line 6:
 
! scope="col" | Author
 
! scope="col" | Author
 
! scope="col" | Notes
 
! scope="col" | Notes
 +
|-
 +
|[https://github.com/Abhi-M/alert-labs Alert Labs]
 +
|PHP
 +
|[https://exploitme.info/alert-labs/ demo] [https://github.com/Abhi-M/alert-labs/archive/master.zip download] [https://exploitme.info/alert-labs/user-guide.php docs]
 +
|Abhi M Balakrishnan
 +
|Focusing only on XSS
 
|-
 
|-
 
| [https://github.com/CSPF-Founder/btslab/ btslab]
 
| [https://github.com/CSPF-Founder/btslab/ btslab]
Line 19: Line 25:
 
|  
 
|  
 
|-
 
|-
| [http://code.google.com/p/bodgeit/ BodgeIt Store ]
+
| [http://code.google.com/p/bodgeit/ BodgeIt Store]
 
| Java
 
| Java
 
| [http://code.google.com/p/bodgeit/downloads/list download]
 
| [http://code.google.com/p/bodgeit/downloads/list download]
Line 25: Line 31:
 
|  
 
|  
 
|-
 
|-
| [http://sechow.com/bricks/index.html Bricks ]
+
| [http://sechow.com/bricks/index.html Bricks]
 
| PHP
 
| PHP
 
| [http://sechow.com/bricks/download.html download] [http://sechow.com/bricks/docs/ docs]
 
| [http://sechow.com/bricks/download.html download] [http://sechow.com/bricks/docs/ docs]
Line 37: Line 43:
 
| Last updated in 2008
 
| Last updated in 2008
 
|-
 
|-
| [http://www.itsecgames.com/ bWAPP ]
+
| [http://www.itsecgames.com/ bWAPP]
 
| PHP
 
| PHP
 
| [http://sourceforge.net/projects/bwapp/files/ download] [http://itsecgames.blogspot.be/2013/01/bwapp-installation.html docs]
 
| [http://sourceforge.net/projects/bwapp/files/ download] [http://itsecgames.blogspot.be/2013/01/bwapp-installation.html docs]
Line 43: Line 49:
 
|  
 
|  
 
|-
 
|-
| [https://github.com/fridaygoldsmith/bwa_cyclone_transfers Cyclone Transfers ]
+
| [https://github.com/fridaygoldsmith/bwa_cyclone_transfers Cyclone Transfers]
 
| Ruby on Rails
 
| Ruby on Rails
 
|  
 
|  
Line 49: Line 55:
 
|  
 
|  
 
|-
 
|-
| [https://github.com/quantumfoam/DVNA/ Damn Vulnerable Node Application - DVNA ]
+
| [https://github.com/quantumfoam/DVNA/ Damn Vulnerable Node Application - DVNA]
 
| Node.js
 
| Node.js
 
| [https://github.com/quantumfoam/DVNA/ download]
 
| [https://github.com/quantumfoam/DVNA/ download]
Line 55: Line 61:
 
|  
 
|  
 
|-
 
|-
| [http://www.dvwa.co.uk/ Damn Vulnerable Web Application - DVWA ]
+
| [http://www.dvwa.co.uk/ Damn Vulnerable Web Application - DVWA]
 
| PHP
 
| PHP
 
| [http://code.google.com/p/dvwa/downloads/list download]
 
| [http://code.google.com/p/dvwa/downloads/list download]
Line 61: Line 67:
 
|  
 
|  
 
|-
 
|-
| [http://dvws.secureideas.net/ Damn Vulnerable Web Service - DVWS ]
+
| [http://dvws.secureideas.net/ Damn Vulnerable Web Service - DVWS]
 
| PHP
 
| PHP
 
| [http://dvws.secureideas.net/downloads/files/dvws.tgz download]
 
| [http://dvws.secureideas.net/downloads/files/dvws.tgz download]
Line 67: Line 73:
 
|  
 
|  
 
|-
 
|-
| [https://github.com/snoopysecurity/dvws Damn Vulnerable Web Services - DVWS ]
+
| [https://github.com/snoopysecurity/dvws Damn Vulnerable Web Services - DVWS]
 
| PHP
 
| PHP
 
|  
 
|  
Line 73: Line 79:
 
|  
 
|  
 
|-
 
|-
| [https://github.com/secvulture/dvta Damn Vulnerable Thick Client App - DVTA ]
+
| [https://github.com/secvulture/dvta Damn Vulnerable Thick Client App - DVTA]
 
| C# .NET
 
| C# .NET
 
|  
 
|  
Line 79: Line 85:
 
|  
 
|  
 
|-
 
|-
| [http://google-gruyere.appspot.com/ Gruyere ]
+
| [http://google-gruyere.appspot.com/ Gruyere]
 
| Python
 
| Python
 
| [http://google-gruyere.appspot.com/gruyere-code.zip download]
 
| [http://google-gruyere.appspot.com/gruyere-code.zip download]
Line 85: Line 91:
 
|  
 
|  
 
|-
 
|-
| [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project Hackademic Challenges Project ]
+
| [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project Hackademic Challenges Project]
 
| PHP
 
| PHP
 
| [https://code.google.com/p/owasp-hackademic-challenges/ download]
 
| [https://code.google.com/p/owasp-hackademic-challenges/ download]
Line 103: Line 109:
 
|  
 
|  
 
|-
 
|-
| [http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx Hacme Bank ]
+
| [http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx Hacme Bank]
 
| .NET
 
| .NET
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacme-bank.aspx download]
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacme-bank.aspx download]
Line 109: Line 115:
 
|  
 
|  
 
|-
 
|-
| [http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx Hacme Books ]
+
| [http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx Hacme Books]
 
| Java
 
| Java
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacmebooks.aspx download]
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacmebooks.aspx download]
Line 115: Line 121:
 
|  
 
|  
 
|-
 
|-
| [http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx Hacme Casino ]
+
| [http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx Hacme Casino]
 
| Ruby on Rails
 
| Ruby on Rails
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacme-casino.aspx download]
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacme-casino.aspx download]
Line 121: Line 127:
 
|  
 
|  
 
|-
 
|-
| [http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx Hacme Shipping ]
+
| [http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx Hacme Shipping]
 
| ColdFusion
 
| ColdFusion
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacmeshipping.aspx download]
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacmeshipping.aspx download]
Line 127: Line 133:
 
|  
 
|  
 
|-
 
|-
| [http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx Hacme Travel ]
+
| [http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx Hacme Travel]
 
| C++
 
| C++
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacmetravel.aspx download]
 
| [http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-tools/hacmetravel.aspx download]
Line 151: Line 157:
 
|  
 
|  
 
|-
 
|-
| [http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10 Mutillidae ]
+
| [http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10 Mutillidae]
 
| PHP
 
| PHP
 
| [http://www.irongeek.com/mutillidae/ download]
 
| [http://www.irongeek.com/mutillidae/ download]
Line 157: Line 163:
 
|  
 
|  
 
|-
 
|-
| [https://github.com/jerryhoff/WebGoat.NET .NET Goat ]
+
| [https://github.com/jerryhoff/WebGoat.NET .NET Goat]
 
| C#
 
| C#
 
| [https://github.com/jerryhoff/WebGoat.NET git repository]
 
| [https://github.com/jerryhoff/WebGoat.NET git repository]
Line 163: Line 169:
 
|  
 
|  
 
|-
 
|-
| [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project NodeGoat ]
+
| [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project NodeGoat]
 
| Node.js
 
| Node.js
 
| [https://github.com/OWASP/NodeGoat git repository]
 
| [https://github.com/OWASP/NodeGoat git repository]
Line 169: Line 175:
 
|  
 
|  
 
|-
 
|-
| [http://peruggia.sourceforge.net/ Peruggia ]
+
| [http://peruggia.sourceforge.net/ Peruggia]
 
| PHP
 
| PHP
 
| [http://sourceforge.net/projects/peruggia/files/ download]
 
| [http://sourceforge.net/projects/peruggia/files/ download]
Line 175: Line 181:
 
|  
 
|  
 
|-
 
|-
| [https://code.google.com/p/puzzlemall/ Puzzlemall ]
+
| [https://code.google.com/p/puzzlemall/ Puzzlemall]
 
| Java
 
| Java
 
| [https://code.google.com/p/puzzlemall/downloads/list download] [https://code.google.com/p/puzzlemall/downloads/list docs]
 
| [https://code.google.com/p/puzzlemall/downloads/list download] [https://code.google.com/p/puzzlemall/downloads/list docs]
Line 181: Line 187:
 
|  
 
|  
 
|-
 
|-
| [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project Rails Goat ]
+
| [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project Rails Goat]
 
| Ruby on Rails
 
| Ruby on Rails
 
| [https://github.com/OWASP/railsgoat/archive/master.zip download] [http://railsgoat.cktricky.com/getting_started.html docs]
 
| [https://github.com/OWASP/railsgoat/archive/master.zip download] [http://railsgoat.cktricky.com/getting_started.html docs]
Line 217: Line 223:
 
|  
 
|  
 
|-
 
|-
| [https://github.com/SpiderLabs/SQLol SQLol ]
+
| [https://github.com/SpiderLabs/SQLol SQLol]
 
| PHP
 
| PHP
 
| [https://github.com/SpiderLabs/SQLol/archive/master.zip download]
 
| [https://github.com/SpiderLabs/SQLol/archive/master.zip download]
Line 223: Line 229:
 
|  
 
|  
 
|-
 
|-
| [https://github.com/SpiderLabs/SQLol SQLol ]
+
| [https://github.com/SpiderLabs/SQLol SQLol]
 
| PHP
 
| PHP
 
| [https://github.com/SpiderLabs/SQLol/archive/master.zip download]
 
| [https://github.com/SpiderLabs/SQLol/archive/master.zip download]
Line 229: Line 235:
 
|  
 
|  
 
|-
 
|-
| [https://github.com/sakti/twitterlike twitterlike ]
+
| [https://github.com/sakti/twitterlike twitterlike]
 
| PHP
 
| PHP
 
| [https://github.com/sakti/twitterlike git repository]
 
| [https://github.com/sakti/twitterlike git repository]
Line 235: Line 241:
 
|  
 
|  
 
|-
 
|-
| [http://www.nth-dimension.org.uk/blog.php?id=88 VulnApp ]
+
| [http://www.nth-dimension.org.uk/blog.php?id=88 VulnApp]
 
| .NET
 
| .NET
 
| [http://projects.nth-dimension.org.uk/dir?d=VulnApp CVS download] [http://projects.nth-dimension.org.uk/rptview?rn=6 vulns]
 
| [http://projects.nth-dimension.org.uk/dir?d=VulnApp CVS download] [http://projects.nth-dimension.org.uk/rptview?rn=6 vulns]
Line 253: Line 259:
 
|
 
|
 
|-
 
|-
| [https://github.com/adamdoupe/WackoPicko WackoPicko ]
+
| [https://github.com/adamdoupe/WackoPicko WackoPicko]
 
| PHP
 
| PHP
 
| [https://github.com/adamdoupe/WackoPicko/zipball/master download] [http://cs.ucsb.edu/~adoupe/static/black-box-scanners-dimva2010.pdf whitepaper]
 
| [https://github.com/adamdoupe/WackoPicko/zipball/master download] [http://cs.ucsb.edu/~adoupe/static/black-box-scanners-dimva2010.pdf whitepaper]
Line 259: Line 265:
 
|  
 
|  
 
|-
 
|-
| [https://github.com/sectooladdict/wavsep WAVSEP - Web Application Vulnerability Scanner Evaluation Project ]
+
| [https://github.com/sectooladdict/wavsep WAVSEP - Web Application Vulnerability Scanner Evaluation Project]
 
| Java
 
| Java
 
| [https://sourceforge.net/projects/wavsep/ download (builds)] [https://code.google.com/p/wavsep/downloads/list download (old)] [https://github.com/sectooladdict/wavsep/wiki wiki]
 
| [https://sourceforge.net/projects/wavsep/ download (builds)] [https://code.google.com/p/wavsep/downloads/list download (old)] [https://github.com/sectooladdict/wavsep/wiki wiki]
Line 265: Line 271:
 
|  
 
|  
 
|-
 
|-
| [https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project WebGoat ]
+
| [https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project WebGoat]
 
| Java
 
| Java
 
| [http://code.google.com/p/webgoat/downloads/list download] [https://www.owasp.org/index.php/WebGoat_User_and_Install_Guide_Table_of_Contents guide]
 
| [http://code.google.com/p/webgoat/downloads/list download] [https://www.owasp.org/index.php/WebGoat_User_and_Install_Guide_Table_of_Contents guide]
Line 271: Line 277:
 
|  
 
|  
 
|-
 
|-
| [https://www.owasp.org/index.php/WebGoatPHP WebGoatPHP ]
+
| [https://www.owasp.org/index.php/WebGoatPHP WebGoatPHP]
 
| PHP
 
| PHP
 
| [https://github.com/OWASP/OWASPWebGoatPHP download] [https://github.com/OWASP/OWASPWebGoatPHP/blob/master/README.md guide]
 
| [https://github.com/OWASP/OWASPWebGoatPHP download] [https://github.com/OWASP/OWASPWebGoatPHP/blob/master/README.md guide]

Latest revision as of 19:05, 26 November 2019

App Name / Link Technology Other links Author Notes
Alert Labs PHP demo download docs Abhi M Balakrishnan Focusing only on XSS
btslab PHP Includes flash-based xss, SSRF, and SSI
BadStore Perl(CGI)
BodgeIt Store Java download
Bricks PHP download docs OWASP
Butterfly Security Project PHP download Last updated in 2008
bWAPP PHP download docs
Cyclone Transfers Ruby on Rails
Damn Vulnerable Node Application - DVNA Node.js download Claudio Lacayo
Damn Vulnerable Web Application - DVWA PHP download RandomStorm
Damn Vulnerable Web Service - DVWS PHP download Secure Ideas (depriciated?)
Damn Vulnerable Web Services - DVWS PHP snoopysecurity
Damn Vulnerable Thick Client App - DVTA C# .NET secvulture
Gruyere Python download Google
Hackademic Challenges Project PHP download OWASP
Hackazon Rapid7 Has some REST and new-school web components.
Hacme Bank - Android McAfee / Foundstone
Hacme Bank .NET download McAfee / Foundstone
Hacme Books Java download McAfee / Foundstone
Hacme Casino Ruby on Rails download McAfee / Foundstone
Hacme Shipping ColdFusion download McAfee / Foundstone
Hacme Travel C++ download McAfee / Foundstone
hackxor First 2 levels online, rest offline
Juice Shop Node/JS download docker guide OWASP
LampSecurity PHP
Mutillidae PHP download
.NET Goat C# git repository OWASP
NodeGoat Node.js git repository OWASP
Peruggia PHP download
Puzzlemall Java download docs
Rails Goat Ruby on Rails download docs OWASP
SecuriBench Java Stanford
SecuriBench Micro Java download Stanford
Security Shepherd Java download OWASP
SQL injection test environment PHP SQLmap Project
SQLI-labs PHP download blog
SQLol PHP download
SQLol PHP download
twitterlike PHP git repository Sakti Dwi Cahyono
VulnApp .NET CVS download vulns
Vulnerable Web App Exploit.co.il
Vulnerable Web Application Project PHP Github Hummingbirds Cyber Security Community
WackoPicko PHP download whitepaper
WAVSEP - Web Application Vulnerability Scanner Evaluation Project Java download (builds) download (old) wiki Shay Chen
WebGoat Java download guide OWASP
WebGoatPHP PHP download guide OWASP
WIVET - Web Input Vector Extractor Teaser download tests
Xtreme Vulnerable Web Application (XVWA) PHP/MySQL download @s4n7h0, @samanL33T