OWASP Vulnerable Web Applications Directory Project

From OWASP
Jump to: navigation, search
OWASP Project Header.jpg

OWASP Vulnerable Web Applications Directory Project

The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available for legal security and vulnerability testing of various kinds.

Introduction

Select from the above tabs to view all of the:

  • On-Line applications
  • Off-Line applications
  • Virtual Machines and ISO images

Description

The OWASP Vulnerable Web Applications Directory (VWAD) Project is a comprehensive and well maintained registry of all known vulnerable web applications currently available. These vulnerable web applications can be used by web developers, security auditors and penetration testers to put in practice their knowledge and skills during training sessions (and especially afterwards), as well as to test at any time the multiple hacking tools and offensive techniques available, in preparation for their next real-world engagement.

The main goal of VWAD is to provide a list of vulnerable web applications available to security professionals for hacking and offensive activities, so that they can attack realistic web environments... without going to jail :)

The vulnerable web applications have been classified in three categories: On-Line, Off-Line, and VMs/ISOs. Each list has been ordered alphabetically.

An initial list that inspired this project was maintained till October 2013 at: http://blog.taddong.com/2011/10/hacking-vulnerable-web-applications.html.

A brief description of the OWASP VWAD project is available at: http://blog.dinosec.com/2013/11/owasp-vulnerable-web-applications.html.

The associated GitHub repository is available at: https://github.com/OWASP/OWASP-VWAD.

Licensing

OWASP Vulnerable Web Applications Directory Projects is free to use. It is licensed under the Apache 2.0 License, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially.

What is VWAD?

OWASP VWAD provides:

  • A list of all known vulnerable web applications.

Presentation

Interview with Simon Bennetts – The OWASP Web Applications Vulnerability Project .

Project Leaders

Related Projects

  • N/A

Open Hub

Quick Download

News and Events

  • [16 Oct 2013] Project created.

In Print

N/A

Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-breakers-small.png
Cc-button-y-sa-small.png
Project Type Files DOC.jpg

Retrieved from "https://www.owasp.org/index.php?title=OWASP_Vulnerable_Web_Applications_Directory_Project&oldid=240176"