diff --git a/src/data/collection.json b/src/data/collection.json index 0e1ea5e..c04dcce 100644 --- a/src/data/collection.json +++ b/src/data/collection.json @@ -1,47 +1,46 @@ [ { - "url": "https://github.com/jerryhoff/WebGoat.NET", - "name": ".NET Goat", + "author": "OWASP", + "badge": "jerryhoff/WebGoat.NET", "collection": [ "offline" ], + "name": ".NET Goat", + "notes": "Original main repo: https://github.com/jerryhoff/WebGoat.NET. Others: https://github.com/rapPayne/WebGoat.Net , https://github.com/jowasp/WebGoat.NET.", + "references": [], "technology": [ "C#" ], - "references": [], - "author": "OWASP", - "notes": "Original main repo: https://github.com/jerryhoff/WebGoat.NET. Others: https://github.com/rapPayne/WebGoat.Net , https://github.com/jowasp/WebGoat.NET.", - "badge": "jerryhoff/WebGoat.NET" + "url": "https://github.com/jerryhoff/WebGoat.NET" }, { - "url": "http://testphp.vulnweb.com", - "name": "Acuart", + "author": "Acunetix", + "badge": null, "collection": [ "online" ], - "technology": [ - "PHP" - ], + "name": "Acuart", + "notes": "Art shopping", "references": [ { "name": "live", "url": "http://testphp.vulnweb.com" } ], - "author": "Acunetix", - "notes": "Art shopping", - "badge": null + "technology": [ + "PHP" + ], + "url": "http://testphp.vulnweb.com" }, { - "url": "http://demo.testfire.net/", - "name": "Altoro Mutual (AltoroJ)", + "author": "IBM/Watchfire", + "badge": "hclproducts/AltoroJ", "collection": [ "online", "offline" ], - "technology": [ - "J2EE" - ], + "name": "Altoro Mutual (AltoroJ)", + "notes": "Log in with jsmith/demo1234 or admin/admin", "references": [ { "name": "download", @@ -52,40 +51,40 @@ "url": "http://demo.testfire.net/" } ], - "author": "IBM/Watchfire", - "notes": "Log in with jsmith/demo1234 or admin/admin", - "badge": "hclproducts/AltoroJ" + "technology": [ + "J2EE" + ], + "url": "http://demo.testfire.net/" }, { - "url": "https://github.com/satishpatnayak/AndroGoat", - "name": "AndroGoat", + "author": "satishpatnayak", + "badge": "satishpatnayak/AndroGoat", "collection": [ "mobile" ], - "technology": [ - "Kotlin", - "Android" - ], + "name": "AndroGoat", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/satishpatnayak/MyTest/blob/master/AndroGoat.apk" } ], - "author": "satishpatnayak", - "notes": null, - "badge": "satishpatnayak/AndroGoat" + "technology": [ + "Kotlin", + "Android" + ], + "url": "https://github.com/satishpatnayak/AndroGoat" }, { - "url": "https://github.com/digininja/authlab", - "name": "AuthLab", + "author": "digininja (Robin Wood)", + "badge": "digininja/authlab", "collection": [ "offline", "online" ], - "technology": [ - "GO" - ], + "name": "AuthLab", + "notes": null, "references": [ { "name": "guide", @@ -96,53 +95,53 @@ "url": "https://authlab.digi.ninja/" } ], - "author": "digininja (Robin Wood)", - "notes": null, - "badge": "digininja/authlab" + "technology": [ + "GO" + ], + "url": "https://github.com/digininja/authlab" }, { - "url": "http://www.bgabank.com/", - "name": "BGA Vulnerable BANK App", + "author": "BGA Security", + "badge": null, "collection": [ "online" ], - "technology": [ - ".NET" - ], + "name": "BGA Vulnerable BANK App", + "notes": null, "references": [ { "name": "live", "url": "http://www.bgabank.com/" } ], - "author": "BGA Security", - "notes": null, - "badge": null + "technology": [ + ".NET" + ], + "url": "http://www.bgabank.com/" }, { - "url": "https://sourceforge.net/projects/bwapp/files/bee-box/", - "name": "Bee-Box", + "author": null, + "badge": null, "collection": [ "container" ], + "name": "Bee-Box", + "notes": null, + "references": [], "technology": [ "VMware" ], - "references": [], - "author": null, - "notes": null, - "badge": null + "url": "https://sourceforge.net/projects/bwapp/files/bee-box/" }, { - "url": "https://github.com/psiinon/bodgeit", - "name": "BodgeIt Store", + "author": "Simon Bennetts (psiinon)", + "badge": "psiinon/bodgeit", "collection": [ "offline", "container" ], - "technology": [ - "Java" - ], + "name": "BodgeIt Store", + "notes": null, "references": [ { "name": "download", @@ -153,19 +152,19 @@ "url": "https://hub.docker.com/r/psiinon/bodgeit" } ], - "author": "Simon Bennetts (psiinon)", - "notes": null, - "badge": "psiinon/bodgeit" + "technology": [ + "Java" + ], + "url": "https://github.com/psiinon/bodgeit" }, { - "url": "http://sechow.com/bricks/index.html", - "name": "Bricks", + "author": "OWASP", + "badge": null, "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "Bricks", + "notes": null, "references": [ { "name": "download", @@ -176,41 +175,41 @@ "url": "http://sechow.com/bricks/docs/" } ], - "author": "OWASP", - "notes": null, - "badge": null + "technology": [ + "PHP" + ], + "url": "http://sechow.com/bricks/index.html" }, { - "url": "https://github.com/NeuraLegion/brokencrystals#vulnerabilities-overview", - "name": "Broken Crystals", + "author": "NeuraLegion", + "badge": "NeuraLegion/brokencrystals", "collection": [ "offline", "online" ], - "technology": [ - "react", - "Node", - "Swagger" - ], + "name": "Broken Crystals", + "notes": null, "references": [ { "name": "live", "url": "https://brokencrystals.com/" } ], - "author": "NeuraLegion", - "notes": null, - "badge": "NeuraLegion/brokencrystals" + "technology": [ + "react", + "Node", + "Swagger" + ], + "url": "https://github.com/NeuraLegion/brokencrystals#vulnerabilities-overview" }, { - "url": "https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project", - "name": "Broken Web Applications Project (BWA) - OWASP", + "author": "OWASP - Chuck Willis", + "badge": null, "collection": [ "container" ], - "technology": [ - "VMware" - ], + "name": "Broken Web Applications Project (BWA) - OWASP", + "notes": null, "references": [ { "name": "download", @@ -221,76 +220,75 @@ "url": "https://sourceforge.net/projects/owaspbwa/files/" } ], - "author": "OWASP - Chuck Willis", - "notes": null, - "badge": null + "technology": [ + "VMware" + ], + "url": "https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project" }, { - "url": "https://sourceforge.net/projects/thebutterflytmp/files/ButterFly%20Project/", - "name": "Butterfly Security Project", + "author": null, + "badge": null, "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "Butterfly Security Project", + "notes": "Last updated in 2008", "references": [ { "name": "download", "url": "https://sourceforge.net/projects/thebutterflytmp/files/" } ], - "author": null, - "notes": "Last updated in 2008", - "badge": null + "technology": [ + "PHP" + ], + "url": "https://sourceforge.net/projects/thebutterflytmp/files/ButterFly%20Project/" }, { - "url": "https://ctflearn.com/", - "name": "CTFLearn", + "author": "@ctflearn", + "badge": null, "collection": [ "online" ], - "technology": [], + "name": "CTFLearn", + "notes": null, "references": [ { "name": "live", "url": "https://ctflearn.com/" } ], - "author": "@ctflearn", - "notes": null, - "badge": null + "technology": [], + "url": "https://ctflearn.com/" }, { - "url": "https://github.com/convisolabs/CVWA", - "name": "CVWA - Conviso Vulnerable Web Application", + "author": "Conviso AppSec", + "badge": "convisolabs/CVWA", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "CVWA - Conviso Vulnerable Web Application", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/convisolabs/CVWA" } ], - "author": "Conviso AppSec", - "notes": null, - "badge": "convisolabs/CVWA" + "technology": [ + "PHP" + ], + "url": "https://github.com/convisolabs/CVWA" }, { - "url": "https://github.com/RhinoSecurityLabs/cloudgoat", - "name": "CloudGoat", + "author": "Rhino Security Labs", + "badge": "RhinoSecurityLabs/cloudgoat", "collection": [ "offline", "container" ], - "technology": [ - "Python", - "AWS" - ], + "name": "CloudGoat", + "notes": null, "references": [ { "name": "guide", @@ -305,39 +303,39 @@ "url": "https://hub.docker.com/r/rhinosecuritylabs/cloudgoat" } ], - "author": "Rhino Security Labs", - "notes": null, - "badge": "RhinoSecurityLabs/cloudgoat" + "technology": [ + "Python", + "AWS" + ], + "url": "https://github.com/RhinoSecurityLabs/cloudgoat" }, { - "url": "https://github.com/SpiderLabs/CryptOMG", - "name": "CryptOMG", + "author": "SpiderLabs", + "badge": "SpiderLabs/CryptOMG", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "CryptOMG", + "notes": null, "references": [ { "name": "download", "url": "http://isc.sans.edu/forums/diary/Modern+Web+Application+Penetration+Testing+Hash+Length+Extension+Attacks/22792/" } ], - "author": "SpiderLabs", - "notes": null, - "badge": "SpiderLabs/CryptOMG" + "technology": [ + "PHP" + ], + "url": "https://github.com/SpiderLabs/CryptOMG" }, { - "url": "https://cyberscavengerhunt.com", - "name": "Cyber Scavenger Hunt", + "author": "Arthur Kay", + "badge": "arthurakay/cyberscavengerhunt", "collection": [ "online" ], - "technology": [ - "Javacript", - "React" - ], + "name": "Cyber Scavenger Hunt", + "notes": "A simple scavenger hunt to learn about pentesting a website or web application.", "references": [ { "name": "download", @@ -348,68 +346,69 @@ "url": "https://cyberscavengerhunt.com" } ], - "author": "Arthur Kay", - "notes": "A simple scavenger hunt to learn about pentesting a website or web application.", - "badge": "arthurakay/cyberscavengerhunt" + "technology": [ + "Javacript", + "React" + ], + "url": "https://cyberscavengerhunt.com" }, { - "url": "https://github.com/fridaygoldsmith/bwa_cyclone_transfers", - "name": "Cyclone Transfers", + "author": null, + "badge": "fridaygoldsmith/bwa_cyclone_transfers", "collection": [ "offline" ], + "name": "Cyclone Transfers", + "notes": null, + "references": [], "technology": [ "Ruby on Rails" ], - "references": [], - "author": null, - "notes": null, - "badge": "fridaygoldsmith/bwa_cyclone_transfers" + "url": "https://github.com/fridaygoldsmith/bwa_cyclone_transfers" }, { - "url": "https://github.com/snsttr/diwa", - "name": "DIWA - Deliberately Insecure Web Application", + "author": "Tim Steufmehl", + "badge": "snsttr/diwa", "collection": [ "offline", "container" ], - "technology": [ - "PHP", - "Docker" - ], + "name": "DIWA - Deliberately Insecure Web Application", + "notes": "A Deliberately Insecure Web Application", "references": [ { "name": "guide", "url": "https://github.com/snsttr/diwa/tree/master/docs" } ], - "author": "Tim Steufmehl", - "notes": "A Deliberately Insecure Web Application", - "badge": "snsttr/diwa" + "technology": [ + "PHP", + "Docker" + ], + "url": "https://github.com/snsttr/diwa" }, { - "url": "https://github.com/stamparm/DSVW", - "name": "Damn Small Vulnerable Web (DSVW)", + "author": "Miroslav Stampar", + "badge": "stamparm/DSVW", "collection": [ "offline" ], + "name": "Damn Small Vulnerable Web (DSVW)", + "notes": null, + "references": [], "technology": [ "Python" ], - "references": [], - "author": "Miroslav Stampar", - "notes": null, - "badge": "stamparm/DSVW" + "url": "https://github.com/stamparm/DSVW" }, { - "url": "https://github.com/AvalZ/DVAS", - "name": "Damn Vulnerable Application Scanner (DVAS)", + "author": "Andrea Valenza, Enrico Russo, Gabriele Costa", + "badge": "AvalZ/DVAS", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "Damn Vulnerable Application Scanner (DVAS)", + "notes": "An intentionally vulnerable web application scanner", "references": [ { "name": "guide", @@ -420,38 +419,38 @@ "url": "https://avalz.it/research/metasploit-pro-xss-to-rce/" } ], - "author": "Andrea Valenza, Enrico Russo, Gabriele Costa", - "notes": "An intentionally vulnerable web application scanner", - "badge": "AvalZ/DVAS" + "technology": [ + "PHP" + ], + "url": "https://github.com/AvalZ/DVAS" }, { - "url": "https://github.com/rewanthtammana/Damn-Vulnerable-Bank", - "name": "Damn Vulnerable Bank", + "author": "Rewanth Tammana, Akshansh Jaiswal, Hrushikesh Kakade", + "badge": "rewanthtammana/Damn-Vulnerable-Bank", "collection": [ "mobile" ], - "technology": [ - "android" - ], + "name": "Damn Vulnerable Bank", + "notes": null, "references": [ { "name": "guide", "url": "https://rewanthtammana.com/damn-vulnerable-bank/" } ], - "author": "Rewanth Tammana, Akshansh Jaiswal, Hrushikesh Kakade", - "notes": null, - "badge": "rewanthtammana/Damn-Vulnerable-Bank" + "technology": [ + "android" + ], + "url": "https://github.com/rewanthtammana/Damn-Vulnerable-Bank" }, { - "url": "https://github.com/njmulsqb/DVEA/", - "name": "Damn Vulnerable Electron App (DVEA)", + "author": "Najam Ul Saqib (cybersoldier)", + "badge": "njmulsqb/DVEA", "collection": [ "offline" ], - "technology": [ - "ElectronJS" - ], + "name": "Damn Vulnerable Electron App (DVEA)", + "notes": "A deliberately insecure ElectronJS application", "references": [ { "name": "announcement", @@ -462,51 +461,55 @@ "url": "https://github.com/njmulsqb/DVEA/" } ], - "author": "Najam Ul Saqib (cybersoldier)", - "notes": "A deliberately insecure ElectronJS application", - "badge": "njmulsqb/DVEA" + "technology": [ + "ElectronJS" + ], + "url": "https://github.com/njmulsqb/DVEA/" }, { - "url": "https://github.com/LunaM00n/File-Upload-Lab", - "name": "Damn Vulnerable File Upload - DVFU", + "author": "Thin Ba Shane (@art0flunam00n)", + "badge": "LunaM00n/File-Upload-Lab", "collection": [ "offline" ], + "name": "Damn Vulnerable File Upload - DVFU", + "notes": null, + "references": [], "technology": [ "PHP" ], - "references": [], - "author": "Thin Ba Shane (@art0flunam00n)", - "notes": null, - "badge": "LunaM00n/File-Upload-Lab" + "url": "https://github.com/LunaM00n/File-Upload-Lab" }, { - "url": "https://github.com/we45/DVFaaS-Damn-Vulnerable-Functions-as-a-Service", - "name": "Damn Vulnerable Functions as a Service (DVFaaS)", + "author": "we45 (Abhay Bhargav)", + "badge": "we45/DVFaaS-Damn-Vulnerable-Functions-as-a-Service", "collection": [ "offline" ], - "technology": [ - "Python", - "AWS" - ], + "name": "Damn Vulnerable Functions as a Service (DVFaaS)", + "notes": null, "references": [ { "name": "guide", "url": "https://www.slideshare.net/abhaybhargav/an-attackers-view-of-serverless-and-graphql-apps-abhay-bhargav-appsec-california-2019" } ], - "author": "we45 (Abhay Bhargav)", - "notes": null, - "badge": "we45/DVFaaS-Damn-Vulnerable-Functions-as-a-Service" + "technology": [ + "Python", + "AWS" + ], + "url": "https://github.com/we45/DVFaaS-Damn-Vulnerable-Functions-as-a-Service" }, { - "url": "https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application", - "name": "Damn Vulnerable GraphQL Application (DVGA)", + "author": "Dolev Farhi , Connor McKinnon", + "badge": "dolevf/Damn-Vulnerable-GraphQL-Application", "collection": [ "container", "offline" ], + "name": "Damn Vulnerable GraphQL Application (DVGA)", + "notes": null, + "references": [], "technology": [ "Python", "HTML", @@ -515,120 +518,116 @@ "SQLAlchemy", "docker" ], - "references": [], - "author": "Dolev Farhi , Connor McKinnon", - "notes": null, - "badge": "dolevf/Damn-Vulnerable-GraphQL-Application" + "url": "https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application" }, { - "url": "https://github.com/isp1r0/DVNA", - "name": "Damn Vulnerable Node Application - DVNA", + "author": "Claudio Lacayo", + "badge": "isp1r0/DVNA", "collection": [ "offline" ], + "name": "Damn Vulnerable Node Application - DVNA", + "notes": null, + "references": [], "technology": [ "Node.js" ], - "references": [], - "author": "Claudio Lacayo", - "notes": null, - "badge": "isp1r0/DVNA" + "url": "https://github.com/isp1r0/DVNA" }, { - "url": "https://github.com/appsecco/dvna", - "name": "Damn Vulnerable NodeJS Application - DVNA", + "author": "@appsecco", + "badge": "appsecco/dvna", "collection": [ "offline" ], + "name": "Damn Vulnerable NodeJS Application - DVNA", + "notes": "Different project from the old DVNA", + "references": [], "technology": [ "Node.js" ], - "references": [], - "author": "@appsecco", - "notes": "Different project from the old DVNA", - "badge": "appsecco/dvna" + "url": "https://github.com/appsecco/dvna" }, { - "url": "https://github.com/koenbuyens/Vulnerable-OAuth-2.0-Applications", - "name": "Damn Vulnerable OAuth 2.0 Applications", + "author": "Koen Buyens", + "badge": "koenbuyens/Vulnerable-OAuth-2.0-Applications", "collection": [ "offline" ], + "name": "Damn Vulnerable OAuth 2.0 Applications", + "notes": "A set of vulnerable applications which show Oauth2.0 vulnerabilities.", + "references": [], "technology": [ "MEAN", "Docker", "OAuth 2.0" ], - "references": [], - "author": "Koen Buyens", - "notes": "A set of vulnerable applications which show Oauth2.0 vulnerabilities.", - "badge": "koenbuyens/Vulnerable-OAuth-2.0-Applications" + "url": "https://github.com/koenbuyens/Vulnerable-OAuth-2.0-Applications" }, { - "url": "https://github.com/anxolerd/dvpwa", - "name": "Damn Vulnerable Python Web Application - DVPWA", + "author": "Oleksandr Kovalchuk", + "badge": "anxolerd/dvpwa", "collection": [ "offline" ], + "name": "Damn Vulnerable Python Web Application - DVPWA", + "notes": null, + "references": [], "technology": [ "Python", "Docker" ], - "references": [], - "author": "Oleksandr Kovalchuk", - "notes": null, - "badge": "anxolerd/dvpwa" + "url": "https://github.com/anxolerd/dvpwa" }, { - "url": "https://github.com/OWASP/DVSA", - "name": "Damn Vulnerable Serverless App (DVSA)", + "author": "Protego Labs", + "badge": "OWASP/DVSA", "collection": [ "offline" ], - "technology": [ - "Node", - "AWS", - "Azure" - ], + "name": "Damn Vulnerable Serverless App (DVSA)", + "notes": null, "references": [ { "name": "guide", "url": "https://github.com/OWASP/DVSA/tree/master/AWS/LESSONS" } ], - "author": "Protego Labs", - "notes": null, - "badge": "OWASP/DVSA" + "technology": [ + "Node", + "AWS", + "Azure" + ], + "url": "https://github.com/OWASP/DVSA" }, { - "url": "https://github.com/silentsignal/damn-vulnerable-stateful-web-app", - "name": "Damn Vulnerable Stateful WebApp", + "author": "dnet", + "badge": "silentsignal/damn-vulnerable-stateful-web-app", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "Damn Vulnerable Stateful WebApp", + "notes": null, "references": [ { "name": "download", "url": "http://www.sans.org/reading-room/whitepapers/testing/testing-stateful-web-application-workflows-36637" } ], - "author": "dnet", - "notes": null, - "badge": "silentsignal/damn-vulnerable-stateful-web-app" + "technology": [ + "PHP" + ], + "url": "https://github.com/silentsignal/damn-vulnerable-stateful-web-app" }, { - "url": "https://github.com/digininja/DVWA", - "name": "Damn Vulnerable Web Application - DVWA", + "author": "RandomStorm", + "badge": "ethicalhack3r/DVWA", "collection": [ "offline", "container" ], - "technology": [ - "PHP" - ], + "name": "Damn Vulnerable Web Application - DVWA", + "notes": null, "references": [ { "name": "download", @@ -639,79 +638,79 @@ "url": "https://github.com/digininja/DVWA#docker" } ], - "author": "RandomStorm", - "notes": null, - "badge": "ethicalhack3r/DVWA" + "technology": [ + "PHP" + ], + "url": "https://github.com/digininja/DVWA" }, { - "url": "https://github.com/snoopysecurity/dvws", - "name": "Damn Vulnerable Web Services", + "author": "snoopysecurity", + "badge": "snoopysecurity/dvws", "collection": [ "offline" ], + "name": "Damn Vulnerable Web Services", + "notes": null, + "references": [], "technology": [ "Web Services" ], - "references": [], - "author": "snoopysecurity", - "notes": null, - "badge": "snoopysecurity/dvws" + "url": "https://github.com/snoopysecurity/dvws" }, { - "url": "https://github.com/interference-security/DVWS", - "name": "Damn Vulnerable Web Sockets", + "author": "@appsecco", + "badge": "interference-security/DVWS", "collection": [ "offline" ], + "name": "Damn Vulnerable Web Sockets", + "notes": null, + "references": [], "technology": [ "Web Sockets" ], - "references": [], - "author": "@appsecco", - "notes": null, - "badge": "interference-security/DVWS" + "url": "https://github.com/interference-security/DVWS" }, { - "url": "https://defendtheweb.net/", - "name": "Defend the Web", + "author": "Luke [flabbyrabbit]", + "badge": null, "collection": [ "online" ], - "technology": [], + "name": "Defend the Web", + "notes": "Formerly HackThis", "references": [ { "name": "live", "url": "https://defendtheweb.net/" } ], - "author": "Luke [flabbyrabbit]", - "notes": "Formerly HackThis", - "badge": null + "technology": [], + "url": "https://defendtheweb.net/" }, { - "url": "https://github.com/red-and-black/DjangoGoat", - "name": "DjangoGoat", + "author": "Red and Black", + "badge": "red-and-black/DjangoGoat", "collection": [ "offline" ], + "name": "DjangoGoat", + "notes": null, + "references": [], "technology": [ "Python", "Django" ], - "references": [], - "author": "Red and Black", - "notes": null, - "badge": "red-and-black/DjangoGoat" + "url": "https://github.com/red-and-black/DjangoGoat" }, { - "url": "https://github.com/k-tamura/easybuggy", - "name": "EasyBuggy", + "author": "Kohei Tamura", + "badge": "k-tamura/easybuggy", "collection": [ "offline" ], - "technology": [ - "Java" - ], + "name": "EasyBuggy", + "notes": null, "references": [ { "name": "download", @@ -722,55 +721,57 @@ "url": "https://github.com/k-tamura/easybuggy/wiki" } ], - "author": "Kohei Tamura", - "notes": null, - "badge": "k-tamura/easybuggy" + "technology": [ + "Java" + ], + "url": "https://github.com/k-tamura/easybuggy" }, { - "url": "https://sourceforge.net/projects/exploitcoilvuln/files/", - "name": "Exploit.co.il Vuln Web App", + "author": null, + "badge": null, "collection": [ "container" ], - "technology": [ - "VMware" - ], + "name": "Exploit.co.il Vuln Web App", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/exploitcoilvuln/files/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "VMware" + ], + "url": "https://sourceforge.net/projects/exploitcoilvuln/files/" }, { - "url": "https://github.com/vegabird/xvna", - "name": "Extreme Vulnerable Node Application", + "author": "vegabird", + "badge": "vegabird/xvna", "collection": [ "offline" ], - "technology": [ - "NodeJS" - ], + "name": "Extreme Vulnerable Node Application", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/vegabird/xvna" } ], - "author": "vegabird", - "notes": null, - "badge": "vegabird/xvna" + "technology": [ + "NodeJS" + ], + "url": "https://github.com/vegabird/xvna" }, { - "url": "https://public-firing-range.appspot.com/", - "name": "Firing Range", + "author": "Google", + "badge": "google/firing-range", "collection": [ "online" ], - "technology": [], + "name": "Firing Range", + "notes": null, "references": [ { "name": "download", @@ -781,76 +782,78 @@ "url": "https://public-firing-range.appspot.com/" } ], - "author": "Google", - "notes": null, - "badge": "google/firing-range" + "technology": [], + "url": "https://public-firing-range.appspot.com/" }, { - "url": "https://github.com/Orange-Cyberdefense/GOAD", - "name": "Game of Active Directory", + "author": "Orange-Cyberdefense", + "badge": "Orange-Cyberdefense/GOAD", "collection": [ "container" ], - "technology": [ - "Windows", - "Active Directory" - ], + "name": "Game of Active Directory", + "notes": "Requires a considerably powerful system", "references": [ { "name": "guide", "url": "https://mayfly277.github.io/categories/ad/" } ], - "author": "Orange-Cyberdefense", - "notes": "Requires a considerably powerful system", - "badge": "Orange-Cyberdefense/GOAD" + "technology": [ + "Windows", + "Active Directory" + ], + "url": "https://github.com/Orange-Cyberdefense/GOAD" }, { - "url": "http://www.gameofhacks.com/", - "name": "Game of Hacks", + "author": "Checkmarx", + "badge": null, "collection": [ "online" ], - "technology": [ - "Node", - "Express.js" - ], + "name": "Game of Hacks", + "notes": null, "references": [ { "name": "live", "url": "http://www.gameofhacks.com/" } ], - "author": "Checkmarx", - "notes": null, - "badge": null + "technology": [ + "Node", + "Express.js" + ], + "url": "http://www.gameofhacks.com/" }, { - "url": "https://sourceforge.net/projects/null-gameover/", - "name": "GameOver", + "author": null, + "badge": null, "collection": [ "container" ], - "technology": [ - "VMware" - ], + "name": "GameOver", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/null-gameover/files/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "VMware" + ], + "url": "https://sourceforge.net/projects/null-gameover/" }, { - "url": "https://github.com/InsiderPhD/Generic-University", - "name": "Generic-University", + "author": " Katie Paxton-Fear ", + "badge": "InsiderPhD/Generic-University", "collection": [ "container", "offline" ], + "name": "Generic-University", + "notes": null, + "references": [], "technology": [ "PHP", "docker", @@ -859,23 +862,16 @@ "MySQL", "Laravel" ], - "references": [], - "author": " Katie Paxton-Fear ", - "notes": null, - "badge": "InsiderPhD/Generic-University" + "url": "https://github.com/InsiderPhD/Generic-University" }, { - "url": "https://ginandjuice.shop/", - "name": "Gin & Juice Shop", + "author": "PortSwigger", + "badge": null, "collection": [ "online" ], - "technology": [ - "JavaScript", - "AngularJS", - "React", - "CSRF" - ], + "name": "Gin & Juice Shop", + "notes": "A hosted always-online demo app with realistic technologies.", "references": [ { "name": "announcement", @@ -886,42 +882,45 @@ "url": "https://ginandjuice.shop/" } ], - "author": "PortSwigger", - "notes": "A hosted always-online demo app with realistic technologies.", - "badge": null + "technology": [ + "JavaScript", + "AngularJS", + "React", + "CSRF" + ], + "url": "https://ginandjuice.shop/" }, { - "url": "https://github.com/Checkmarx/Goatlin/", - "name": "Goatlin", + "author": "Checkmarx", + "badge": "Checkmarx/Goatlin", "collection": [ "mobile" ], - "technology": [ - "Kotlin", - "Android", - "API", - "REST" - ], + "name": "Goatlin", + "notes": null, "references": [ { "name": "guide", "url": "https://checkmarx.github.io/Kotlin-SCP/" } ], - "author": "Checkmarx", - "notes": null, - "badge": "Checkmarx/Goatlin" + "technology": [ + "Kotlin", + "Android", + "API", + "REST" + ], + "url": "https://github.com/Checkmarx/Goatlin/" }, { - "url": "https://github.com/snyk-labs/nodejs-goof", - "name": "Goof", + "author": "Snyk", + "badge": "snyk-labs/nodejs-goof", "collection": [ "offline", "container" ], - "technology": [ - "NodeJS" - ], + "name": "Goof", + "notes": "online - via Heroku deploy", "references": [ { "name": "guide", @@ -932,20 +931,20 @@ "url": "http://dreamerslab.com/blog/en/write-a-todo-list-with-express-and-mongodb/" } ], - "author": "Snyk", - "notes": "online - via Heroku deploy", - "badge": "snyk-labs/nodejs-goof" + "technology": [ + "NodeJS" + ], + "url": "https://github.com/snyk-labs/nodejs-goof" }, { - "url": "http://google-gruyere.appspot.com/", - "name": "Gruyere", + "author": "Google", + "badge": null, "collection": [ "offline", "online" ], - "technology": [ - "Python" - ], + "name": "Gruyere", + "notes": null, "references": [ { "name": "download", @@ -956,31 +955,31 @@ "url": "http://google-gruyere.appspot.com/" } ], - "author": "Google", - "notes": null, - "badge": null + "technology": [ + "Python" + ], + "url": "http://google-gruyere.appspot.com/" }, { - "url": "https://hack.me", - "name": "Hack.me", + "author": "eLearnSecurity", + "badge": null, "collection": [ "online" ], - "technology": [], - "references": [], - "author": "eLearnSecurity", + "name": "Hack.me", "notes": "Beta", - "badge": null + "references": [], + "technology": [], + "url": "https://hack.me" }, { - "url": "https://www.hackthis.co.uk/", - "name": "HackThis", + "author": "Luke Ward (0x6C77)", + "badge": "HackThis/hackthis.co.uk", "collection": [ "online" ], - "technology": [ - "PHP" - ], + "name": "HackThis", + "notes": null, "references": [ { "name": "download", @@ -991,16 +990,25 @@ "url": "https://www.hackthis.co.uk/" } ], - "author": "Luke Ward (0x6C77)", - "notes": null, - "badge": "HackThis/hackthis.co.uk" + "technology": [ + "PHP" + ], + "url": "https://www.hackthis.co.uk/" }, { - "url": "https://www.hackthissite.org", - "name": "HackThisSite", + "author": "HackThisSite Staff", + "badge": null, "collection": [ "online" ], + "name": "HackThisSite", + "notes": "Always-on CTF challenges including Basic, Realistic, Application, Steganography, and many others.", + "references": [ + { + "name": "live", + "url": "https://www.hackthissite.org" + } + ], "technology": [ "PHP", "Perl", @@ -1008,25 +1016,16 @@ "API", "Binaries" ], - "references": [ - { - "name": "live", - "url": "https://www.hackthissite.org" - } - ], - "author": "HackThisSite Staff", - "notes": "Always-on CTF challenges including Basic, Realistic, Application, Steganography, and many others.", - "badge": null + "url": "https://www.hackthissite.org" }, { - "url": "https://labs.hackxpert.com/", - "name": "HackXpert", + "author": "theXSSrat", + "badge": null, "collection": [ "online" ], - "technology": [ - "PHP" - ], + "name": "HackXpert", + "notes": null, "references": [ { "name": "guide", @@ -1037,17 +1036,19 @@ "url": "https://labs.hackxpert.com/" } ], - "author": "theXSSrat", - "notes": null, - "badge": null + "technology": [ + "PHP" + ], + "url": "https://labs.hackxpert.com/" }, { - "url": "https://hack-yourself-first.com/", - "name": "HackYourselfFirst", + "author": "Troy Hunt", + "badge": null, "collection": [ "online" ], - "technology": [], + "name": "HackYourselfFirst", + "notes": null, "references": [ { "name": "guide", @@ -1058,43 +1059,37 @@ "url": "https://hack-yourself-first.com/" } ], - "author": "Troy Hunt", - "notes": null, - "badge": null + "technology": [], + "url": "https://hack-yourself-first.com/" }, { - "url": "https://github.com/Hackademic/hackademic", - "name": "Hackademic Challenges Project", + "author": "OWASP", + "badge": "Hackademic/hackademic", "collection": [ "offline" ], - "technology": [ - "PHP", - "Joomla" - ], + "name": "Hackademic Challenges Project", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/Hackademic/hackademic" } ], - "author": "OWASP", - "notes": null, - "badge": "Hackademic/hackademic" + "technology": [ + "PHP", + "Joomla" + ], + "url": "https://github.com/Hackademic/hackademic" }, { - "url": "https://github.com/rapid7/hackazon", - "name": "Hackazon", + "author": "Rapid7 (NTObjectives)", + "badge": "rapid7/hackazon", "collection": [ "offline" ], - "technology": [ - "AJAX", - "JSON", - "XML", - "GwT", - "AMF" - ], + "name": "Hackazon", + "notes": null, "references": [ { "name": "download", @@ -1113,143 +1108,147 @@ "url": "https://github.com/rapid7/hackazon/blob/master/REST.md" } ], - "author": "Rapid7 (NTObjectives)", - "notes": null, - "badge": "rapid7/hackazon" + "technology": [ + "AJAX", + "JSON", + "XML", + "GwT", + "AMF" + ], + "url": "https://github.com/rapid7/hackazon" }, { - "url": "https://www.hacking-lab.com/events/", - "name": "Hacking Lab", + "author": "Hacking Lab", + "badge": null, "collection": [ "online" ], - "technology": [], + "name": "Hacking Lab", + "notes": null, "references": [ { "name": "live", "url": "https://www.hacking-lab.com/events/" } ], - "author": "Hacking Lab", - "notes": null, - "badge": null + "technology": [], + "url": "https://www.hacking-lab.com/events/" }, { - "url": "http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx", - "name": "Hacme Bank", + "author": "McAfee / Foundstone", + "badge": null, "collection": [ "offline" ], - "technology": [ - ".NET" - ], + "name": "Hacme Bank", + "notes": null, "references": [ { "name": "download", "url": "http://downloadcenter.mcafee.com/products/tools/foundstone/hacmebank2_install.zip" } ], - "author": "McAfee / Foundstone", - "notes": null, - "badge": null + "technology": [ + ".NET" + ], + "url": "http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx" }, { - "url": "http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx", - "name": "Hacme Bank - Android", + "author": "McAfee / Foundstone", + "badge": null, "collection": [ "offline" ], - "technology": [], - "references": [], - "author": "McAfee / Foundstone", + "name": "Hacme Bank - Android", "notes": null, - "badge": null + "references": [], + "technology": [], + "url": "http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx" }, { - "url": "http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx", - "name": "Hacme Books", + "author": "McAfee / Foundstone", + "badge": null, "collection": [ "offline" ], - "technology": [ - "Java" - ], + "name": "Hacme Books", + "notes": null, "references": [ { "name": "download", "url": "http://b2b-download.mcafee.com/products/tools/foundstone/hacmebooks2_installer.zip" } ], - "author": "McAfee / Foundstone", - "notes": null, - "badge": null + "technology": [ + "Java" + ], + "url": "http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx" }, { - "url": "http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx", - "name": "Hacme Casino", + "author": "McAfee / Foundstone", + "badge": null, "collection": [ "offline" ], - "technology": [ - "Ruby on Rails" - ], + "name": "Hacme Casino", + "notes": null, "references": [ { "name": "download", "url": "http://downloadcenter.mcafee.com/products/tools/foundstone/hacmecasino_installer.zip" } ], - "author": "McAfee / Foundstone", - "notes": null, - "badge": null + "technology": [ + "Ruby on Rails" + ], + "url": "http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx" }, { - "url": "http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx", - "name": "Hacme Shipping", + "author": "McAfee / Foundstone", + "badge": null, "collection": [ "offline" ], - "technology": [ - "ColdFusion" - ], + "name": "Hacme Shipping", + "notes": null, "references": [ { "name": "download", "url": "http://downloadcenter.mcafee.com/products/tools/foundstone/hacmeshipping.zip" } ], - "author": "McAfee / Foundstone", - "notes": null, - "badge": null + "technology": [ + "ColdFusion" + ], + "url": "http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx" }, { - "url": "http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx", - "name": "Hacme Travel", + "author": "McAfee / Foundstone", + "badge": null, "collection": [ "offline" ], - "technology": [ - "C++" - ], + "name": "Hacme Travel", + "notes": null, "references": [ { "name": "download", "url": "http://downloadcenter.mcafee.com/products/tools/foundstone/hacmetravel_install.zip" } ], - "author": "McAfee / Foundstone", - "notes": null, - "badge": null + "technology": [ + "C++" + ], + "url": "http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx" }, { - "url": "https://github.com/iknowjason/hammer", - "name": "Hammer", + "author": "iknowjason", + "badge": "iknowjason/hammer", "collection": [ "offline" ], - "technology": [ - "Ruby on Rails" - ], + "name": "Hammer", + "notes": "Includes manual build and docker options.", "references": [ { "name": "download", @@ -1260,250 +1259,249 @@ "url": "https://preprod.rtcfingroup.com/" } ], - "author": "iknowjason", - "notes": "Includes manual build and docker options.", - "badge": "iknowjason/hammer" + "technology": [ + "Ruby on Rails" + ], + "url": "https://github.com/iknowjason/hammer" }, { - "url": "https://sourceforge.net/projects/lampsecurity/", - "name": "LAMPSecurity", + "author": null, + "badge": null, "collection": [ "container", "offline" ], - "technology": [ - "VMware", - "PHP" - ], + "name": "LAMPSecurity", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/lampsecurity/files/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "VMware", + "PHP" + ], + "url": "https://sourceforge.net/projects/lampsecurity/" }, { - "url": "https://github.com/christophetd/log4shell-vulnerable-app", - "name": "Log4Shell sample vulnerable application", + "author": "Christophe Tafani-Dereeper, Gerard Arall, rayhan0x01 Rayhan Ahmed", + "badge": "christophetd/log4shell-vulnerable-app", "collection": [ "container" ], + "name": "Log4Shell sample vulnerable application", + "notes": "CVE-2021-44228", + "references": [], "technology": [ "Spring Boot", "Log4j", "Java" ], - "references": [], - "author": "Christophe Tafani-Dereeper, Gerard Arall, rayhan0x01 Rayhan Ahmed", - "notes": "CVE-2021-44228", - "badge": "christophetd/log4shell-vulnerable-app" + "url": "https://github.com/christophetd/log4shell-vulnerable-app" }, { - "url": "https://github.com/OWASP/owasp-mstg/tree/master/Crackmes", - "name": "MSTG CrackMes", + "author": "OWASP", + "badge": "OWASP/owasp-mstg", "collection": [ "mobile" ], - "technology": [], - "references": [], - "author": "OWASP", + "name": "MSTG CrackMes", "notes": null, - "badge": "OWASP/owasp-mstg" + "references": [], + "technology": [], + "url": "https://github.com/OWASP/owasp-mstg/tree/master/Crackmes" }, { - "url": "https://github.com/OWASP/MSTG-Hacking-Playground", - "name": "MSTG Hacking Playground", + "author": "OWASP", + "badge": "OWASP/MSTG-Hacking-Playground", "collection": [ "mobile" ], - "technology": [], - "references": [ + "name": "MSTG Hacking Playground", + "notes": null, + "references": [ { "name": "guide", "url": "https://github.com/OWASP/MSTG-Hacking-Playground/wiki" } ], - "author": "OWASP", - "notes": null, - "badge": "OWASP/MSTG-Hacking-Playground" + "technology": [], + "url": "https://github.com/OWASP/MSTG-Hacking-Playground" }, { - "url": "https://github.com/SpiderLabs/MCIR", - "name": "Magical Code Injection Rainbow - MCIR", + "author": "SpiderLabs", + "badge": "SpiderLabs/MCIR", "collection": [ "offline" ], + "name": "Magical Code Injection Rainbow - MCIR", + "notes": null, + "references": [], "technology": [ "PHP" ], - "references": [], - "author": "SpiderLabs", - "notes": null, - "badge": "SpiderLabs/MCIR" + "url": "https://github.com/SpiderLabs/MCIR" }, { - "url": "https://github.com/cschneider4711/Marathon", - "name": "Marathon", + "author": "Christian Schneider", + "badge": "cschneider4711/Marathon", "collection": [ "offline" ], + "name": "Marathon", + "notes": "Vulnerable demo application", + "references": [], "technology": [ "JAVA", "Docker" ], - "references": [], - "author": "Christian Schneider", - "notes": "Vulnerable demo application", - "badge": "cschneider4711/Marathon" + "url": "https://github.com/cschneider4711/Marathon" }, { - "url": "https://community.rapid7.com/docs/DOC-1875", - "name": "Metasploitable 2", + "author": null, + "badge": null, "collection": [ "container" ], - "technology": [ - "VMware" - ], + "name": "Metasploitable 2", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/metasploitable/files/Metasploitable2/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "VMware" + ], + "url": "https://community.rapid7.com/docs/DOC-1875" }, { - "url": "https://github.com/rapid7/metasploitable3/wiki/Vulnerabilities", - "name": "Metasploitable 3", + "author": null, + "badge": "rapid7/metasploitable3", "collection": [ "container" ], - "technology": [ - "VMware" - ], + "name": "Metasploitable 3", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/rapid7/metasploitable3" } ], - "author": null, - "notes": null, - "badge": "rapid7/metasploitable3" + "technology": [ + "VMware" + ], + "url": "https://github.com/rapid7/metasploitable3/wiki/Vulnerabilities" }, { - "url": "https://sourceforge.net/projects/w3af/files/moth/moth/", - "name": "Moth", + "author": null, + "badge": null, "collection": [ "container" ], - "technology": [ - "VMware" - ], + "name": "Moth", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/w3af/files/moth/moth/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "VMware" + ], + "url": "https://sourceforge.net/projects/w3af/files/moth/moth/" }, { - "url": "http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10", - "name": "Mutillidae", + "author": null, + "badge": "webpwnized/mutillidae", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "Mutillidae", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/webpwnized/mutillidae" } ], - "author": null, - "notes": null, - "badge": "webpwnized/mutillidae" + "technology": [ + "PHP" + ], + "url": "http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10" }, { - "url": "http://aspnet.testsparker.com/", - "name": "Netsparker Test App .NET", + "author": "Netsparker", + "badge": null, "collection": [ "online" ], - "technology": [ - "ASP.NET" - ], + "name": "Netsparker Test App .NET", + "notes": null, "references": [ { "name": "live", "url": "http://aspnet.testsparker.com/" } ], - "author": "Netsparker", - "notes": null, - "badge": null + "technology": [ + "ASP.NET" + ], + "url": "http://aspnet.testsparker.com/" }, { - "url": "http://php.testsparker.com/", - "name": "Netsparker Test App PHP", + "author": "Netsparker", + "badge": null, "collection": [ "online" ], - "technology": [ - "PHP" - ], + "name": "Netsparker Test App PHP", + "notes": null, "references": [ { "name": "live", "url": "http://php.testsparker.com/" } ], - "author": "Netsparker", - "notes": null, - "badge": null + "technology": [ + "PHP" + ], + "url": "http://php.testsparker.com/" }, { - "url": "https://digi.ninja/projects/nosqli_lab.php", - "name": "NoSQL Injection Lab", + "author": "@digininja", + "badge": "digininja/nosqlilab", "collection": [ "offline" ], - "technology": [ - "PHP", - "MongoDB" - ], + "name": "NoSQL Injection Lab", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/digininja/nosqlilab" } ], - "author": "@digininja", - "notes": null, - "badge": "digininja/nosqlilab" + "technology": [ + "PHP", + "MongoDB" + ], + "url": "https://digi.ninja/projects/nosqli_lab.php" }, { - "url": "https://github.com/aabashkin/nosql-injection-vulnapp", - "name": "NoSQL Injection Vulnerable App (NIVA)", + "author": "Anton Abashkin", + "badge": "aabashkin/nosql-injection-vulnapp", "collection": [ "offline", "container" ], - "technology": [ - "Java", - "MongoDB" - ], + "name": "NoSQL Injection Vulnerable App (NIVA)", + "notes": null, "references": [ { "name": "docker", @@ -1514,93 +1512,91 @@ "url": "https://github.com/aabashkin/nosql-injection-vulnapp/blob/main/README.md" } ], - "author": "Anton Abashkin", - "notes": null, - "badge": "aabashkin/nosql-injection-vulnapp" + "technology": [ + "Java", + "MongoDB" + ], + "url": "https://github.com/aabashkin/nosql-injection-vulnapp" }, { - "url": "https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project", - "name": "NodeGoat", + "author": "OWASP", + "badge": "OWASP/NodeGoat", "collection": [ "offline" ], - "technology": [ - "Node.js" - ], + "name": "NodeGoat", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/OWASP/NodeGoat" } ], - "author": "OWASP", - "notes": null, - "badge": "OWASP/NodeGoat" + "technology": [ + "Node.js" + ], + "url": "https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project" }, { - "url": "https://github.com/cr0hn/vulnerable-node", - "name": "NodeVulnerable", + "author": "cr0hn", + "badge": "cr0hn/vulnerable-node", "collection": [ "offline" ], + "name": "NodeVulnerable", + "notes": null, + "references": [], "technology": [ "Node.js" ], - "references": [], - "author": "cr0hn", - "notes": null, - "badge": "cr0hn/vulnerable-node" + "url": "https://github.com/cr0hn/vulnerable-node" }, { - "url": "https://github.com/OSTEsayed/OSTE-Vulnerable-Web-Application", - "name": "OSTE-Vulnerable-Web-Application", + "author": "(OSTE)Oudjani seyyid taqi eddine", + "badge": "OSTEsayed/OSTE-Vulnerable-Web-Application", "collection": [ "offline" ], + "name": "OSTE-Vulnerable-Web-Application", + "notes": "Vulnerable web application", + "references": [], "technology": [ "PHP" ], - "references": [], - "author": "(OSTE)Oudjani seyyid taqi eddine", - "notes": "Vulnerable web application", - "badge": "OSTEsayed/OSTE-Vulnerable-Web-Application" + "url": "https://github.com/OSTEsayed/OSTE-Vulnerable-Web-Application" }, { - "url": "https://owasp.org/www-project-damn-vulnerable-web-sockets/", - "name": "OWASP Damn Vulnerable Web Sockets (DVWS)", + "author": "Abhineet Jayaraj (@xploresec)", + "badge": "interference-security/DVWS", "collection": [ "offline" ], - "technology": [ - "PHP", - "HTML", - "Javascript", - "WebSockets" - ], + "name": "OWASP Damn Vulnerable Web Sockets (DVWS)", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/interference-security/DVWS" } ], - "author": "Abhineet Jayaraj (@xploresec)", - "notes": null, - "badge": "interference-security/DVWS" + "technology": [ + "PHP", + "HTML", + "Javascript", + "WebSockets" + ], + "url": "https://owasp.org/www-project-damn-vulnerable-web-sockets/" }, { - "url": "https://owasp-juice.shop", - "name": "OWASP Juice Shop", + "author": "OWASP", + "badge": "juice-shop/juice-shop", "collection": [ "offline", "online", "container" ], - "technology": [ - "TypeScript", - "JavaScript", - "Angular", - "Node.js" - ], + "name": "OWASP Juice Shop", + "notes": null, "references": [ { "name": "download", @@ -1627,24 +1623,23 @@ "url": "https://juice-shop.herokuapp.com" } ], - "author": "OWASP", - "notes": null, - "badge": "juice-shop/juice-shop" + "technology": [ + "TypeScript", + "JavaScript", + "Angular", + "Node.js" + ], + "url": "https://owasp-juice.shop" }, { - "url": "https://secureby.design/", - "name": "OWASP SKF Labs", + "author": "glenn.ten.cate@owasp.org and riccardo.ten.cate@owasp.org", + "badge": "blabla1337/skf-labs", "collection": [ "online", "offline" ], - "technology": [ - "Python", - "HTML", - "Javascript", - "GraphQL", - "Ruby" - ], + "name": "OWASP SKF Labs", + "notes": "You can go to the demo website and login(admin / test-skf) or skip login, go to Labs menu and start a Lab you want to do. Please limit the usage of scanning tools on the Labs.", "references": [ { "name": "demo", @@ -1659,21 +1654,23 @@ "url": "https://secureby.design/" } ], - "author": "glenn.ten.cate@owasp.org and riccardo.ten.cate@owasp.org", - "notes": "You can go to the demo website and login(admin / test-skf) or skip login, go to Labs menu and start a Lab you want to do. Please limit the usage of scanning tools on the Labs.", - "badge": "blabla1337/skf-labs" + "technology": [ + "Python", + "HTML", + "Javascript", + "GraphQL", + "Ruby" + ], + "url": "https://secureby.design/" }, { - "url": "https://github.com/SasanLabs/VulnerableApp", - "name": "OWASP VulnerableApp", + "author": "Karan Preet Singh Sasan", + "badge": "SasanLabs/VulnerableApp", "collection": [ "offline" ], - "technology": [ - "Java", - "Javascript", - "Spring-Boot" - ], + "name": "OWASP VulnerableApp", + "notes": null, "references": [ { "name": "docker", @@ -1684,21 +1681,21 @@ "url": "https://github.com/SasanLabs/VulnerableApp" } ], - "author": "Karan Preet Singh Sasan", - "notes": null, - "badge": "SasanLabs/VulnerableApp" + "technology": [ + "Java", + "Javascript", + "Spring-Boot" + ], + "url": "https://github.com/SasanLabs/VulnerableApp" }, { - "url": "https://github.com/SasanLabs/VulnerableApp-facade", - "name": "OWASP VulnerableApp-facade", + "author": "Karan Preet Singh Sasan", + "badge": "SasanLabs/VulnerableApp-facade", "collection": [ "offline" ], - "technology": [ - "Typescript", - "Javascript", - "Docker" - ], + "name": "OWASP VulnerableApp-facade", + "notes": null, "references": [ { "name": "docker", @@ -1709,73 +1706,73 @@ "url": "https://github.com/SasanLabs/VulnerableApp-facade" } ], - "author": "Karan Preet Singh Sasan", - "notes": null, - "badge": "SasanLabs/VulnerableApp-facade" + "technology": [ + "Typescript", + "Javascript", + "Docker" + ], + "url": "https://github.com/SasanLabs/VulnerableApp-facade" }, { - "url": "http://pentesteracademylab.appspot.com", - "name": "Pentester Academy", + "author": null, + "badge": null, "collection": [ "online" ], - "technology": [], + "name": "Pentester Academy", + "notes": null, "references": [ { "name": "live", "url": "http://pentesteracademylab.appspot.com" } ], - "author": null, - "notes": null, - "badge": null + "technology": [], + "url": "http://pentesteracademylab.appspot.com" }, { - "url": "https://www.pentesterlab.com/exercises/", - "name": "PentesterLab - The Exercises", + "author": null, + "badge": null, "collection": [ "container" ], + "name": "PentesterLab - The Exercises", + "notes": null, + "references": [], "technology": [ "ISO", "PDF" ], - "references": [], - "author": null, - "notes": null, - "badge": null + "url": "https://www.pentesterlab.com/exercises/" }, { - "url": "http://peruggia.sourceforge.net/", - "name": "Peruggia", + "author": null, + "badge": null, "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "Peruggia", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/peruggia/files/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "PHP" + ], + "url": "http://peruggia.sourceforge.net/" }, { - "url": "https://github.com/DevSlop/Pixi", - "name": "Pixi", + "author": "OWASP", + "badge": "DevSlop/Pixi", "collection": [ "offline", "container" ], - "technology": [ - "Node.js", - "Swagger", - "docker" - ], + "name": "Pixi", + "notes": null, "references": [ { "name": "download", @@ -1794,40 +1791,42 @@ "url": "https://www.youtube.com/watch?v=td-2rN4PgRw" } ], - "author": "OWASP", - "notes": null, - "badge": "DevSlop/Pixi" + "technology": [ + "Node.js", + "Swagger", + "docker" + ], + "url": "https://github.com/DevSlop/Pixi" }, { - "url": "https://code.google.com/p/puzzlemall/", - "name": "Puzzlemall", + "author": null, + "badge": null, "collection": [ "offline" ], - "technology": [ - "Java" - ], + "name": "Puzzlemall", + "notes": null, "references": [ { "name": "download", "url": "http://code.google.com/p/puzzlemall/downloads/list" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "Java" + ], + "url": "https://code.google.com/p/puzzlemall/" }, { - "url": "https://github.com/adeyosemanputra/pygoat", - "name": "PyGoat", + "author": "Ade Yoseman", + "badge": "adeyosemanputra/pygoat", "collection": [ "offline", "online", "container" ], - "technology": [ - "Python" - ], + "name": "PyGoat", + "notes": null, "references": [ { "name": "guide", @@ -1846,36 +1845,36 @@ "url": "http://pygoat.herokuapp.com/" } ], - "author": "Ade Yoseman", - "notes": null, - "badge": "adeyosemanputra/pygoat" + "technology": [ + "Python" + ], + "url": "https://github.com/adeyosemanputra/pygoat" }, { - "url": "https://github.com/insp3ctre/race-the-web", - "name": "Race The Web", + "author": "insp3ctre", + "badge": "insp3ctre/race-the-web", "collection": [ "offline" ], - "technology": [], + "name": "Race The Web", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/insp3ctre/race-the-web" } ], - "author": "insp3ctre", - "notes": null, - "badge": "insp3ctre/race-the-web" + "technology": [], + "url": "https://github.com/insp3ctre/race-the-web" }, { - "url": "https://www.owasp.org/index.php/OWASP_Rails_Goat_Project", - "name": "Rails Goat", + "author": "OWASP", + "badge": "OWASP/railsgoat", "collection": [ "offline" ], - "technology": [ - "Ruby on Rails" - ], + "name": "Rails Goat", + "notes": null, "references": [ { "name": "download", @@ -1886,33 +1885,33 @@ "url": "http://railsgoat.cktricky.com/getting_started.html" } ], - "author": "OWASP", - "notes": null, - "badge": "OWASP/railsgoat" + "technology": [ + "Ruby on Rails" + ], + "url": "https://www.owasp.org/index.php/OWASP_Rails_Goat_Project" }, { - "url": "https://github.com/sqlmapproject/testenv", - "name": "SQL injection test environment", + "author": null, + "badge": "sqlmapproject/testenv", "collection": [ "offline" ], + "name": "SQL injection test environment", + "notes": "SQLmap Project", + "references": [], "technology": [ "PHP" ], - "references": [], - "author": null, - "notes": "SQLmap Project", - "badge": "sqlmapproject/testenv" + "url": "https://github.com/sqlmapproject/testenv" }, { - "url": "https://github.com/Audi-1/sqli-labs", - "name": "SQLI-labs", + "author": null, + "badge": "Audi-1/sqli-labs", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "SQLI-labs", + "notes": null, "references": [ { "name": "download", @@ -1923,92 +1922,101 @@ "url": "http://dummy2dummies.blogspot.com/2012/06/sqli-lab-series-part-1.html" } ], - "author": null, - "notes": null, - "badge": "Audi-1/sqli-labs" + "technology": [ + "PHP" + ], + "url": "https://github.com/Audi-1/sqli-labs" }, { - "url": "https://github.com/SpiderLabs/SQLol", - "name": "SQLol", + "author": null, + "badge": "SpiderLabs/SQLol", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "SQLol", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/SpiderLabs/SQLol/archive/master.zip" } ], - "author": null, - "notes": null, - "badge": "SpiderLabs/SQLol" + "technology": [ + "PHP" + ], + "url": "https://github.com/SpiderLabs/SQLol" }, { - "url": "https://github.com/incredibleindishell/SSRF_Vulnerable_Lab", - "name": "SSRF Vuln Lab", + "author": "incredibleindishell, Mohammed Farhan", + "badge": "incredibleindishell/SSRF_Vulnerable_Lab", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "SSRF Vuln Lab", + "notes": null, "references": [ { "name": "docker", "url": "https://github.com/incredibleindishell/SSRF_Vulnerable_Lab#docker" } ], - "author": "incredibleindishell, Mohammed Farhan", - "notes": null, - "badge": "incredibleindishell/SSRF_Vulnerable_Lab" + "technology": [ + "PHP" + ], + "url": "https://github.com/incredibleindishell/SSRF_Vulnerable_Lab" }, { - "url": "http://www.samurai-wtf.org/", - "name": "Samurai WTF", + "author": null, + "badge": null, "collection": [ "container" ], - "technology": [ - "ISO" - ], + "name": "Samurai WTF", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/samurai/files/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "ISO" + ], + "url": "http://www.samurai-wtf.org/" }, { - "url": "http://sg6-labs.blogspot.com/2007/12/secgame-1-sauron.html", - "name": "Sauron", + "author": null, + "badge": null, "collection": [ "container" ], - "technology": [ - "Quemu" - ], + "name": "Sauron", + "notes": null, "references": [ { "name": "download", "url": "http://sg6-labs.blogspot.com/search/label/SecGame" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "Quemu" + ], + "url": "http://sg6-labs.blogspot.com/2007/12/secgame-1-sauron.html" }, { - "url": "https://github.com/globocom/secDevLabs", - "name": "SecDevLabs", + "author": "Globo", + "badge": "globocom/secDevLabs", "collection": [ "offline" ], + "name": "SecDevLabs", + "notes": "Repository with many intentionally vulnerable web applications. Includes attack narratives and docker options for each app.", + "references": [ + { + "name": "guide", + "url": "https://github.com/globocom/secDevLabs" + } + ], "technology": [ "Go", "NodeJS", @@ -2018,22 +2026,17 @@ "Angular/Spring", "Dart/Flutter" ], - "references": [ - { - "name": "guide", - "url": "https://github.com/globocom/secDevLabs" - } - ], - "author": "Globo", - "notes": "Repository with many intentionally vulnerable web applications. Includes attack narratives and docker options for each app.", - "badge": "globocom/secDevLabs" + "url": "https://github.com/globocom/secDevLabs" }, { - "url": "https://github.com/DataDog/security-labs-pocs", - "name": "Security Labs & POCs", + "author": "DataDog", + "badge": "DataDog/security-labs-pocs", "collection": [ "container" ], + "name": "Security Labs & POCs", + "notes": null, + "references": [], "technology": [ "docker", "Kubernetes", @@ -2041,126 +2044,120 @@ "OpenSSL", "JWT" ], - "references": [], - "author": "DataDog", - "notes": null, - "badge": "DataDog/security-labs-pocs" + "url": "https://github.com/DataDog/security-labs-pocs" }, { - "url": "https://owasp.org/www-project-security-shepherd/", - "name": "Security Shepherd", + "author": "OWASP", + "badge": "OWASP/SecurityShepherd", "collection": [ "offline" ], - "technology": [ - "Java" - ], + "name": "Security Shepherd", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/OWASP/SecurityShepherd" } ], - "author": "OWASP", - "notes": null, - "badge": "OWASP/SecurityShepherd" + "technology": [ + "Java" + ], + "url": "https://owasp.org/www-project-security-shepherd/" }, { - "url": "http://testhtml5.vulnweb.com/", - "name": "Security Tweets", + "author": "Acunetix", + "badge": null, "collection": [ "online" ], - "technology": [], + "name": "Security Tweets", + "notes": "HTML5", "references": [ { "name": "live", "url": "http://testhtml5.vulnweb.com" } ], - "author": "Acunetix", - "notes": "HTML5", - "badge": null + "technology": [], + "url": "http://testhtml5.vulnweb.com/" }, { - "url": "http://solyd.com.br/treinamentos/introducao-ao-hacking-e-pentest", - "name": "Solyd - Introdução ao Hacking e Pentest", + "author": "Solyd", + "badge": null, "collection": [ "online" ], + "name": "Solyd - Introdução ao Hacking e Pentest", + "notes": "In Portuguese (Português) - Free online trainning with free online lab", + "references": [], "technology": [ "PHP", "Linux" ], - "references": [], - "author": "Solyd", - "notes": "In Portuguese (Português) - Free online trainning with free online lab", - "badge": null + "url": "http://solyd.com.br/treinamentos/introducao-ao-hacking-e-pentest" }, { - "url": "https://github.com/dhatanian/ticketmagpie", - "name": "TicketMagpie", + "author": null, + "badge": "dhatanian/ticketmagpie", "collection": [ "offline" ], - "technology": [ - "Java" - ], + "name": "TicketMagpie", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/dhatanian/ticketmagpie" } ], - "author": null, - "notes": null, - "badge": "dhatanian/ticketmagpie" + "technology": [ + "Java" + ], + "url": "https://github.com/dhatanian/ticketmagpie" }, { - "url": "https://github.com/payatu/Tiredful-API", - "name": "Tiredful API", + "author": "@payatu", + "badge": "payatu/Tiredful-API", "collection": [ "offline" ], - "technology": [ - "Python", - "Django" - ], + "name": "Tiredful API", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/payatu/Tiredful-API" } ], - "author": "@payatu", - "notes": null, - "badge": "payatu/Tiredful-API" + "technology": [ + "Python", + "Django" + ], + "url": "https://github.com/payatu/Tiredful-API" }, { - "url": "https://github.com/lucideus-repo/UnSAFE_Bank", - "name": "UnSAFE Bank", + "author": "lucideus", + "badge": "lucideus-repo/UnSAFE_Bank", "collection": [ "offline" ], + "name": "UnSAFE Bank", + "notes": "Web, Android and iOS application", + "references": [], "technology": [ "Docker" ], - "references": [], - "author": "lucideus", - "notes": "Web, Android and iOS application", - "badge": "lucideus-repo/UnSAFE_Bank" + "url": "https://github.com/lucideus-repo/UnSAFE_Bank" }, { - "url": "https://github.com/erev0s/VAmPI", - "name": "VAmPI", + "author": "erev0s", + "badge": "erev0s/VAmPI", "collection": [ "container" ], - "technology": [ - "python", - "docker", - "OpenAPI" - ], + "name": "VAmPI", + "notes": null, "references": [ { "name": "guide", @@ -2171,160 +2168,162 @@ "url": "https://erev0s.com/blog/vampi-vulnerable-api-security-testing/" } ], - "author": "erev0s", - "notes": null, - "badge": "erev0s/VAmPI" + "technology": [ + "python", + "docker", + "OpenAPI" + ], + "url": "https://github.com/erev0s/VAmPI" }, { - "url": "https://github.com/detectify/Varnish-H2-Request-Smuggling", - "name": "Varnish HTTP/2 Request Smuggling", + "author": "Detectify", + "badge": "detectify/Varnish-H2-Request-Smuggling", "collection": [ "offline" ], - "technology": [ - "Varnish", - "HTTP/2" - ], + "name": "Varnish HTTP/2 Request Smuggling", + "notes": "A docker-compose file to setup a local environment that is vulnerable to CVE-2021-36740 Varnish HTTP/2 request smuggling, presented by Albinowax at Blackhat/Defcon 2021.", "references": [ { "name": "announcement", "url": "https://twitter.com/berg0x00/status/1431027889064058885" } ], - "author": "Detectify", - "notes": "A docker-compose file to setup a local environment that is vulnerable to CVE-2021-36740 Varnish HTTP/2 request smuggling, presented by Albinowax at Blackhat/Defcon 2021.", - "badge": "detectify/Varnish-H2-Request-Smuggling" + "technology": [ + "Varnish", + "HTTP/2" + ], + "url": "https://github.com/detectify/Varnish-H2-Request-Smuggling" }, { - "url": "https://sourceforge.net/projects/virtualhacking/", - "name": "Virtual Hacking Lab", + "author": null, + "badge": null, "collection": [ "container" ], - "technology": [ - "ZIP" - ], + "name": "Virtual Hacking Lab", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/virtualhacking/files/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "ZIP" + ], + "url": "https://sourceforge.net/projects/virtualhacking/" }, { - "url": "https://github.com/Yavuzlar/VulnLab", - "name": "VulnLab", + "author": "Yavuzlar (siberyavuzlar.com)", + "badge": "Yavuzlar/VulnLab", "collection": [ "offline" ], + "name": "VulnLab", + "notes": "A web vulnerability lab project developed by Yavuzlar.", + "references": [], "technology": [ "PHP", "Docker" ], - "references": [], - "author": "Yavuzlar (siberyavuzlar.com)", - "notes": "A web vulnerability lab project developed by Yavuzlar.", - "badge": "Yavuzlar/VulnLab" + "url": "https://github.com/Yavuzlar/VulnLab" }, { - "url": "https://github.com/ScaleSec/vulnado", - "name": "Vulnado", + "author": "ScaleSec", + "badge": "ScaleSec/vulnado", "collection": [ "container" ], + "name": "Vulnado", + "notes": "Purposely vulnerable Java application to help lead secure coding workshops", + "references": [], "technology": [ "Java", "Docker" ], - "references": [], - "author": "ScaleSec", - "notes": "Purposely vulnerable Java application to help lead secure coding workshops", - "badge": "ScaleSec/vulnado" + "url": "https://github.com/ScaleSec/vulnado" }, { - "url": "https://github.com/CSPF-Founder/JavaVulnerableLab/", - "name": "Vulnerable Java Web Application", + "author": "Cyber Security and Privacy Foundation", + "badge": "CSPF-Founder/JavaVulnerableLab", "collection": [ "offline" ], + "name": "Vulnerable Java Web Application", + "notes": null, + "references": [], "technology": [ "Java" ], - "references": [], - "author": "Cyber Security and Privacy Foundation", - "notes": null, - "badge": "CSPF-Founder/JavaVulnerableLab" + "url": "https://github.com/CSPF-Founder/JavaVulnerableLab/" }, { - "url": "https://github.com/kaakaww/vuln_node_express", - "name": "Vulnerable Node Express", + "author": "Zachary Conger", + "badge": "kaakaww/vuln_node_express", "collection": [ "offline" ], + "name": "Vulnerable Node Express", + "notes": "SQLi and XSS", + "references": [], "technology": [ "Node.js", "Express" ], - "references": [], - "author": "Zachary Conger", - "notes": "SQLi and XSS", - "badge": "kaakaww/vuln_node_express" + "url": "https://github.com/kaakaww/vuln_node_express" }, { - "url": "https://github.com/mddanish/Vulnerable-OTP-Application", - "name": "Vulnerable OTP App", + "author": "mddanish", + "badge": "mddanish/Vulnerable-OTP-Application", "collection": [ "offline" ], + "name": "Vulnerable OTP App", + "notes": null, + "references": [], "technology": [ "PHP", "Google OTP" ], - "references": [], - "author": "mddanish", - "notes": null, - "badge": "mddanish/Vulnerable-OTP-Application" + "url": "https://github.com/mddanish/Vulnerable-OTP-Application" }, { - "url": "https://github.com/yogisec/VulnerableSAMLApp", - "name": "Vulnerable SAML App", + "author": "yogisec", + "badge": "yogisec/VulnerableSAMLApp", "collection": [ "offline" ], + "name": "Vulnerable SAML App", + "notes": null, + "references": [], "technology": [ "Python" ], - "references": [], - "author": "yogisec", - "notes": null, - "badge": "yogisec/VulnerableSAMLApp" + "url": "https://github.com/yogisec/VulnerableSAMLApp" }, { - "url": "https://github.com/ctxis/VulnerableXsltConsoleApplication", - "name": "VulnerableXsltConsoleApplication", + "author": " Context Information Security", + "badge": "ctxis/VulnerableXsltConsoleApplication", "collection": [ "offline" ], + "name": "VulnerableXsltConsoleApplication", + "notes": "This is a console app, however it relates to an issues that is relevant to web apps: use of XSLT transforms for XML files.", + "references": [], "technology": [ ".Net" ], - "references": [], - "author": " Context Information Security", - "notes": "This is a console app, however it relates to an issues that is relevant to web apps: use of XSLT transforms for XML files.", - "badge": "ctxis/VulnerableXsltConsoleApplication" + "url": "https://github.com/ctxis/VulnerableXsltConsoleApplication" }, { - "url": "https://github.com/sectooladdict/wavsep", - "name": "WAVSEP - Web Application Vulnerability Scanner Evaluation Project", + "author": "Shay Chen", + "badge": "sectooladdict/wavsep", "collection": [ "offline" ], - "technology": [ - "Java" - ], + "name": "WAVSEP - Web Application Vulnerability Scanner Evaluation Project", + "notes": null, "references": [ { "name": "download", @@ -2339,17 +2338,19 @@ "url": "https://github.com/sectooladdict/wavsep/wiki" } ], - "author": "Shay Chen", - "notes": null, - "badge": "sectooladdict/wavsep" + "technology": [ + "Java" + ], + "url": "https://github.com/sectooladdict/wavsep" }, { - "url": "https://code.google.com/p/wivet/", - "name": "WIVET- Web Input Vector Extractor Teaser", + "author": null, + "badge": null, "collection": [ "offline" ], - "technology": [], + "name": "WIVET- Web Input Vector Extractor Teaser", + "notes": null, "references": [ { "name": "download", @@ -2360,58 +2361,56 @@ "url": "https://code.google.com/p/wivet/downloads/list?can=1&q=" } ], - "author": null, - "notes": null, - "badge": null + "technology": [], + "url": "https://code.google.com/p/wivet/" }, { - "url": "https://github.com/adamdoupe/WackoPicko", - "name": "WackoPicko", + "author": null, + "badge": "adamdoupe/WackoPicko", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "WackoPicko", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/adamdoupe/WackoPicko/zipball/master" } ], - "author": null, - "notes": null, - "badge": "adamdoupe/WackoPicko" + "technology": [ + "PHP" + ], + "url": "https://github.com/adamdoupe/WackoPicko" }, { - "url": "http://www.mavensecurity.com/web_security_dojo/", - "name": "Web Security Dojo", + "author": null, + "badge": null, "collection": [ "container" ], - "technology": [ - "VMware", - "VirtualBox" - ], + "name": "Web Security Dojo", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/websecuritydojo/files/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "VMware", + "VirtualBox" + ], + "url": "http://www.mavensecurity.com/web_security_dojo/" }, { - "url": "https://webgoat.github.io/WebGoat/", - "name": "WebGoat", + "author": "OWASP", + "badge": "WebGoat/WebGoat", "collection": [ "offline" ], - "technology": [ - "Java" - ], + "name": "WebGoat", + "notes": null, "references": [ { "name": "download", @@ -2426,19 +2425,19 @@ "url": "https://hub.docker.com/r/webgoat/goatandwolf" } ], - "author": "OWASP", - "notes": null, - "badge": "WebGoat/WebGoat" + "technology": [ + "Java" + ], + "url": "https://webgoat.github.io/WebGoat/" }, { - "url": "https://www.owasp.org/index.php/WebGoatPHP", - "name": "WebGoatPHP", + "author": "OWASP", + "badge": "OWASP/OWASPWebGoatPHP", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "WebGoatPHP", + "notes": null, "references": [ { "name": "download", @@ -2449,16 +2448,25 @@ "url": "https://github.com/OWASP/OWASPWebGoatPHP/blob/master/README.md" } ], - "author": "OWASP", - "notes": null, - "badge": "OWASP/OWASPWebGoatPHP" + "technology": [ + "PHP" + ], + "url": "https://www.owasp.org/index.php/WebGoatPHP" }, { - "url": "https://github.com/commjoen/wrongsecrets", - "name": "WrongSecrets", + "author": "Jeroen Willemsen (@commjoen), Ben de Haan (@bendehaan), Nanne Baars (@nbaars)", + "badge": "commjoen/wrongsecrets", "collection": [ "offline" ], + "name": "WrongSecrets", + "notes": "OWASP WrongSecrets is a vulnerable app used to show how to not use secrets.", + "references": [ + { + "name": "download", + "url": "https://github.com/commjoen/wrongsecrets" + } + ], "technology": [ "JavaScript", "Java", @@ -2468,97 +2476,88 @@ "AWS", "GCP" ], - "references": [ - { - "name": "download", - "url": "https://github.com/commjoen/wrongsecrets" - } - ], - "author": "Jeroen Willemsen (@commjoen), Ben de Haan (@bendehaan), Nanne Baars (@nbaars)", - "notes": "OWASP WrongSecrets is a vulnerable app used to show how to not use secrets.", - "badge": "commjoen/wrongsecrets" + "url": "https://github.com/commjoen/wrongsecrets" }, { - "url": "http://xxe.sourceforge.net/", - "name": "XXE", + "author": null, + "badge": null, "collection": [ "container" ], - "technology": [ - "VMware" - ], + "name": "XXE", + "notes": null, "references": [ { "name": "download", "url": "https://sourceforge.net/projects/xxe/files/" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "VMware" + ], + "url": "http://xxe.sourceforge.net/" }, { - "url": "https://github.com/jbarone/xxelab", - "name": "XXE Lab", + "author": "Joshua Barone", + "badge": "jbarone/xxelab", "collection": [ "container", "offline" ], + "name": "XXE Lab", + "notes": null, + "references": [], "technology": [ "docker", "vagrant" ], - "references": [], - "author": "Joshua Barone", - "notes": null, - "badge": "jbarone/xxelab" + "url": "https://github.com/jbarone/xxelab" }, { - "url": "https://github.com/s4n7h0/xvwa", - "name": "Xtreme Vulnerable Web Application (XVWA)", + "author": "@s4n7h0, @samanL33T", + "badge": "s4n7h0/xvwa", "collection": [ "offline" ], - "technology": [ - "PHP", - "MySQL" - ], + "name": "Xtreme Vulnerable Web Application (XVWA)", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/s4n7h0/xvwa" } ], - "author": "@s4n7h0, @samanL33T", - "notes": null, - "badge": "s4n7h0/xvwa" + "technology": [ + "PHP", + "MySQL" + ], + "url": "https://github.com/s4n7h0/xvwa" }, { - "url": "http://zero.webappsecurity.com/", - "name": "Zero Bank", + "author": "Micro Focus Fortify (was HP/SpiDynamics)", + "badge": null, "collection": [ "online" ], - "technology": [], + "name": "Zero Bank", + "notes": "(username/password)", "references": [ { "name": "live", "url": "http://zero.webappsecurity.com" } ], - "author": "Micro Focus Fortify (was HP/SpiDynamics)", - "notes": "(username/password)", - "badge": null + "technology": [], + "url": "http://zero.webappsecurity.com/" }, { - "url": "http://www.itsecgames.com/", - "name": "bWAPP", + "author": null, + "badge": null, "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "bWAPP", + "notes": null, "references": [ { "name": "download", @@ -2569,63 +2568,63 @@ "url": "http://itsecgames.blogspot.be/2013/01/bwapp-installation.html" } ], - "author": null, - "notes": null, - "badge": null + "technology": [ + "PHP" + ], + "url": "http://www.itsecgames.com/" }, { - "url": "https://owasp.org/www-project-crapi/", - "name": "crAPI", + "author": "Paulo Silva", + "badge": "OWASP/crAPI", "collection": [ "offline", "container" ], - "technology": [ - "Go", - "nginx" - ], + "name": "crAPI", + "notes": null, "references": [ { "name": "downloads", "url": "https://github.com/OWASP/crAPI" } ], - "author": "Paulo Silva", - "notes": null, - "badge": "OWASP/crAPI" + "technology": [ + "Go", + "nginx" + ], + "url": "https://owasp.org/www-project-crapi/" }, { - "url": "https://github.com/snoopysecurity/dvws-node", - "name": "dvws-node", + "author": "@snoopysecurity", + "badge": "snoopysecurity/dvws-node", "collection": [ "offline", "container" ], - "technology": [ - "Web Services", - "NodeJS" - ], + "name": "dvws-node", + "notes": null, "references": [ { "name": "guide", "url": "https://github.com/snoopysecurity/dvws-node/wiki" } ], - "author": "@snoopysecurity", - "notes": null, - "badge": "snoopysecurity/dvws-node" + "technology": [ + "Web Services", + "NodeJS" + ], + "url": "https://github.com/snoopysecurity/dvws-node" }, { - "url": "http://hackxor.sourceforge.net/cgi-bin/index.pl", - "name": "Hackxor", + "author": "albinowax", + "badge": null, "collection": [ "offline", "online", "container" ], - "technology": [ - "VMware" - ], + "name": "Hackxor", + "notes": "First 2 levels online, rest offline. Web application hacking game via missions, based on real vulnerabilities.", "references": [ { "name": "download", @@ -2640,89 +2639,89 @@ "url": "https://hackxor.net" } ], - "author": "albinowax", - "notes": "First 2 levels online, rest offline. Web application hacking game via missions, based on real vulnerabilities.", - "badge": null + "technology": [ + "VMware" + ], + "url": "http://hackxor.sourceforge.net/cgi-bin/index.pl" }, { - "url": "https://github.com/omerlh/insecure-deserialisation-net-poc", - "name": "insecure-deserialisation-net-poc", + "author": "Omer Levi Hevroni", + "badge": "omerlh/insecure-deserialisation-net-poc", "collection": [ "offline" ], + "name": "insecure-deserialisation-net-poc", + "notes": "A small webserver vulnerable to insecure deserialization", + "references": [], "technology": [ ".NET", "JSON", "yoserial.NET" ], - "references": [], - "author": "Omer Levi Hevroni", - "notes": "A small webserver vulnerable to insecure deserialization", - "badge": "omerlh/insecure-deserialisation-net-poc" + "url": "https://github.com/omerlh/insecure-deserialisation-net-poc" }, { - "url": "https://github.com/Sjord/jwtdemo/", - "name": "jwtdemo", + "author": "Sjoerd Langkemper (Sjord)", + "badge": "Sjord/jwtdemo", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "jwtdemo", + "notes": "Practice hacking JWT tokens.", "references": [ { "name": "guide", "url": "https://www.sjoerdlangkemper.nl/2016/09/28/attacking-jwt-authentication/" } ], - "author": "Sjoerd Langkemper (Sjord)", - "notes": "Practice hacking JWT tokens.", - "badge": "Sjord/jwtdemo" + "technology": [ + "PHP" + ], + "url": "https://github.com/Sjord/jwtdemo/" }, { - "url": "https://github.com/playframework/play-webgoat", - "name": "play-webgoat", + "author": null, + "badge": "playframework/play-webgoat", "collection": [ "offline" ], + "name": "play-webgoat", + "notes": null, + "references": [], "technology": [ "Java", "Scala", "Play Framework" ], - "references": [], - "author": null, - "notes": null, - "badge": "playframework/play-webgoat" + "url": "https://github.com/playframework/play-webgoat" }, { - "url": "https://github.com/sakti/twitterlike", - "name": "twitterlike", + "author": "Sakti Dwi Cahyono", + "badge": "sakti/twitterlike", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "twitterlike", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/sakti/twitterlike" } ], - "author": "Sakti Dwi Cahyono", - "notes": null, - "badge": "sakti/twitterlike" + "technology": [ + "PHP" + ], + "url": "https://github.com/sakti/twitterlike" }, { - "url": "https://github.com/roottusk/vapi", - "name": "vAPI", + "author": "Tushar Kulkarni", + "badge": "roottusk/vapi", "collection": [ "offline" ], - "technology": [ - "PHP" - ], + "name": "vAPI", + "notes": "vAPI is a Vulnerable Interface that demonstrates the OWASP API Top 10 vulnerabilities in the means of exercises", "references": [ { "name": "guide", @@ -2733,79 +2732,78 @@ "url": "https://hub.docker.com/r/roottusk/vapi" } ], - "author": "Tushar Kulkarni", - "notes": "vAPI is a Vulnerable Interface that demonstrates the OWASP API Top 10 vulnerabilities in the means of exercises", - "badge": "roottusk/vapi" + "technology": [ + "PHP" + ], + "url": "https://github.com/roottusk/vapi" }, { - "url": "https://github.com/mattvaldes/vulnerable-api", - "name": "vulnerable-api", + "author": "Matthew Valdes", + "badge": "mattvaldes/vulnerable-api", "collection": [ "offline" ], - "technology": [ - "Python" - ], + "name": "vulnerable-api", + "notes": null, "references": [ { "name": "download", "url": "https://github.com/mattvaldes/vulnerable-api" } ], - "author": "Matthew Valdes", - "notes": null, - "badge": "mattvaldes/vulnerable-api" + "technology": [ + "Python" + ], + "url": "https://github.com/mattvaldes/vulnerable-api" }, { - "url": "https://github.com/marmicode/websheep", - "name": "websheep", + "author": "Younes Jaaidi (yjaaidi)", + "badge": "marmicode/websheep", "collection": [ "offline" ], - "technology": [ - "Angular", - "JavaScript", - "Node" - ], + "name": "websheep", + "notes": " Websheep is an app based on a willingly vulnerable ReSTful APIs.", "references": [ { "name": "guide", "url": "https://github.com/marmicode/websheep" } ], - "author": "Younes Jaaidi (yjaaidi)", - "notes": " Websheep is an app based on a willingly vulnerable ReSTful APIs.", - "badge": "marmicode/websheep" + "technology": [ + "Angular", + "JavaScript", + "Node" + ], + "url": "https://github.com/marmicode/websheep" }, { - "url": "https://github.com/cider-security-research/cicd-goat", - "name": "CI/CD Goat", + "author": "Cider", + "badge": "cider-security-research/cicd-goat", "collection": [ "container" ], + "name": "CI/CD Goat", + "notes": "Deliberately vulnerable CI/CD environment. Hack CI/CD pipelines, capture the flags.", + "references": [], "technology": [ "Gitea", "Jenkins", "GitLab", "Docker" ], - "references": [], - "author": "Cider", - "notes": "Deliberately vulnerable CI/CD environment. Hack CI/CD pipelines, capture the flags.", - "badge": "cider-security-research/cicd-goat" + "url": "https://github.com/cider-security-research/cicd-goat" }, { - "url": "http://ffuf.me/", - "name": "FFUF.me", + "author": "adamtlangley", + "badge": "adamtlangley/ffufme", "collection": [ "online", "offline", "container" ], - "technology": [ - "PHP", - "Docker" - ], + "name": "FFUF.me", + "notes": "Target practice for ffuf", "references": [ { "name": "download", @@ -2816,46 +2814,54 @@ "url": "http://ffuf.me/" } ], - "author": "adamtlangley", - "notes": "Target practice for ffuf", - "badge": "adamtlangley/ffufme" + "technology": [ + "PHP", + "Docker" + ], + "url": "http://ffuf.me/" }, { - "url": "https://pentest-ground.com/", - "name": "Pentest-Ground", + "author": "Pentest-Tools.com", + "badge": null, "collection": [ "online" ], + "name": "Pentest-Ground", + "notes": "Suite of vulnerable web apps to practice", + "references": [], "technology": [ "PHP", "Docker" ], - "references": [], - "author": "Pentest-Tools.com", - "notes": "Suite of vulnerable web apps to practice", - "badge": null + "url": "https://pentest-ground.com/" }, { - "url": "https://yrprey.com", - "name": "Yrprey", - "collection": ["offline"], - "technology": ["PHP", "TypeScript", "NextJs"], - "references": [ - { - "name": "Backend", - "url": "https://github.com/yrprey/yrprey-backend" - }, - { - "name": "Frontend", - "url": "https://github.com/yrprey/yrprey-frontend" - }, - { - "name": "Docker", - "url": "https://github.com/yrprey/yrprey-application" - } - ], "author": "Fernando Mengali, Vagner Mengali", + "badge": null, + "collection": [ + "offline" + ], + "name": "Yrprey", "notes": "Framework created in NextJs (TypeScript) and PHP/MySQL with OWASP TOP 10 API vulnerabilities of 2019 and 2023. Yrprey can was created for educational purposes, contributing to the teaching and learning of those interested in Pentest (intrusion testing) and Application Security (Appsec).", - "badge": null - } + "references": [ + { + "name": "Backend", + "url": "https://github.com/yrprey/yrprey-backend" + }, + { + "name": "Frontend", + "url": "https://github.com/yrprey/yrprey-frontend" + }, + { + "name": "Docker", + "url": "https://github.com/yrprey/yrprey-application" + } + ], + "technology": [ + "PHP", + "TypeScript", + "NextJs" + ], + "url": "https://yrprey.com" + } ]