owasp-top-ten topic
NodeGoat
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
sqlinjection-training-app
A simple PHP application to learn SQL Injection detection and exploitation techniques.
xss_vulnerability_challenges
this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
Backup-Finder
A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
Admin-Panel_Finder
A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
DjanGoat
Python and Django implementation of the OWASP RailsGoat project
CVE-2021-45897
PoC for CVE-2021-45897
openappsec
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.