Various Web vulnerability test platforms

Source: Internet
Author: User

Sqli Lab
? Support for error injection, two injections, blind, update injection, insert injection, HTTP header injection, two injection exercises, etc. Support for Get and post two ways. Https://github.com/Audi-1/sqli-labs

DVWA (Dam vulnerable WEB application)
DVWA is a web vulnerability test program written in Php+mysql for general Web vulnerability teaching and testing. Contains a number of common security vulnerabilities such as SQL injection, XSS, and blinds.
http://www.dvwa.co.uk/

Mutillidaemutillidae
is a free, open source Web application that provides specifically allowed security testing and intrusion of Web applications. It is made up of Adrian "Irongeek" Crenshaw and Jeremy "webpwnized" Druin. Development of a free and open source

Web application. It includes rich penetration testing projects such as SQL injection, cross-site scripting, clickjacking, local file inclusion, remote code execution, and more.
Http://sourceforge.net/projects/mutillidae

Sqlol
is a configurable SQL injection test platform that contains a series of challenge tasks that allow you to test and learn SQL injection statements in a challenge. This program was released by Spider Labs at the Austin Hacker Conference.
Https://github.com/SpiderLabs/SQLol

Hackxorhackxor
is a online hacking game developed by albino and can be deployed with the full version installed, including common web vulnerability Walkthroughs. Contains common vulnerabilities such as XSS, CSRF, SQL injection, RCE, and so on.
Http://sourceforge.net/projects/hackxor

Bodgeitbodgeit
Is a Java-written vulnerability Web program. He contains issues such as XSS, SQL injection, debug code, CSRF, unsafe object applications, and program logic.
Http://code.google.com/p/bodgeit

Exploit kb/exploit.co.il
The program contains a variety of vulnerable web applications that can test various SQL injection vulnerabilities. This application is also included in the BT5.
Http://exploit.co.il/projects/vuln-web-app

Wackopickowackopicko
is a vulnerable Web application published by Adam Doupé to test the Web Application Vulnerability Scanning Tool. It contains command-line injections, SessionID issues, file inclusions, parameter tampering, SQL injection, XSS, flash form reflective XSS,

Weak password scanning, etc.
Https://github.com/adamdoupe/WackoPicko

Webgoatwebgoat
is a flawed Java EE Web application maintained by the famous owasp, which is not a bug in the program, but is deliberately designed to teach Web application security courses. This app provides a realistic teaching environment for

Provide clues about the completion of the course.
Http://code.google.com/p/webgoat

OWASP hackademicowasp hackademic
is a project developed by owasp that you can use to test various attack techniques that currently contain 10 problematic Web applications.
Https://code.google.com/p/owasp-hackademic-challenges

Xsseducationxsseducation
is a set of programs developed by AJ00200 that specifically test cross-site. It contains tests for various scenarios.
Http://wiki.aj00200.org/wiki/XSSeducation

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.