WebGoat

Open-source alternatives to WebGoat

Similar open-source projects, ranked by how many features they share with WebGoat.

ethicalhack3r/dvwa
ethicalhack3r/DVWA
13,236View on GitHub
DVWA is a vulnerable web application sandbox and PHP security training environment. It serves as a deployable penetration testing target and an OWASP Top 10 lab designed for practicing exploits and simulating common web security vulnerabilities. The application allows users to adjust security difficulty levels to match their skill level and toggle between different SQL database engines to test how various systems handle injection attacks. It includes a mechanism to disable authentication, enabling automated security tools to interact directly with the environment. The project provides capabi
PHP
View on GitHub13,236
rapid7/metasploitable3
rapid7/metasploitable3
5,592View on GitHub
Metasploitable3 is an automated virtual machine provisioner designed to build and deploy operating system images with intentional security weaknesses. It functions as a penetration testing lab by creating vulnerable virtual machine targets used for security training, exploit development, and the validation of security tools. The system uses configuration scripts to inject vulnerabilities into Windows and Linux environments. This includes the deployment of insecure applications and services, such as web servers and databases, and the application of misconfigured system permissions to simulate
HTML
View on GitHub5,592
digininja/dvwa
digininja/DVWA
13,229View on GitHub
DVWA is a vulnerable web application lab and penetration testing sandbox designed to simulate common security flaws. It serves as a training platform for the OWASP Top 10 security risks and functions as a PHP and MySQL security lab for practicing the identification and exploitation of web vulnerabilities. The project provides a graduated learning experience through configurable security levels that adjust the difficulty of the vulnerabilities. It also supports switching between different database engines to research how various storage systems respond to injection attacks. The application is
PHPdvwahackinginfosec
View on GitHub13,229
samsar4/ethical-hacking-labs
Samsar4/Ethical-Hacking-Labs
3,397View on GitHub
Ethical-Hacking-Labs is a comprehensive cybersecurity training curriculum and lab suite designed for learning penetration testing, network analysis, and offensive security techniques. It provides a structured environment for practicing the full attack lifecycle, from initial reconnaissance and scanning to exploitation and post-compromise analysis. The project provides instructional materials and guided exercises that cover specific technical domains, including open source intelligence research and network security courseware. It includes a practical workbook for identifying system vulnerabili
ethical-hacking-labshackinglinux
View on GitHub3,397

See all 30 alternatives to WebGoat

WebGoatWebGoat

Features

Open-source alternatives to WebGoat

ethicalhack3r/DVWA

rapid7/metasploitable3

digininja/DVWA

Samsar4/Ethical-Hacking-Labs

Star history

Open-source alternatives to WebGoat

ethicalhack3r/DVWA

rapid7/metasploitable3

digininja/DVWA

Samsar4/Ethical-Hacking-Labs