OWASP Developer Guide

Vulnerable Applications

7.1 Vulnerable Applications

Vulnerable applications are useful for the Training and Education activities described in the SAMM Training and Awareness section, which in turn is part of the SAMM Education & Guidance security practice within the Governance business function.

The vulnerable applications provide a safe environment where various vulnerable targets can be attacked. This provides practice in using various penetration tools available to a tester, without the risk of attack traffic triggering intrusion detection systems.


7.1 Juice Shop
7.2 WebGoat
7.3 PyGoat
7.4 Security Shepherd

The OWASP Developer Guide is a community effort; if there is something that needs changing then submit an issue or edit on GitHub.