OWASP WrongSecrets Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your secrets. These can help you to realize whether your secret management...
VAmPI VAmPI is a vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs. It was created as I wanted a vulnerable API to evaluate the efficiency...
What is CTFd? CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it’s easy to customize with plugins...
cicd-goat The CI/CD Goat project allows engineers and security practitioners to learn and practice CI/CD security through a set of 10 challenges, enacted against a real, full-blown CI/CD environment. The scenarios are of varying...
BlueToolkit BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. It works by executing templated exploits one by one and verifying appropriate properties based...
Kubernetes Goat Kubernetes Goat is an interactive Kubernetes security learning playground. It has intentionally vulnerable by design scenarios to showcase the common misconfigurations, real-world vulnerabilities, and security issues in Kubernetes clusters, containers, and cloud native...
AHHHZURE AHHHZURE is an automated vulnerable Azure deployment script designed for offensive security practitioners and enthusiasts to brush up their cloud sec skills. The lab has 5 flags in total to collect. You may...
ZANSIN ZANSIN is envisioned as a GROUNDBREAKING cybersecurity training tool designed to equip users against the ever-escalating complexity of cyber threats. It achieves this by providing learners with a platform to engage in simulated...
LogSnare LogSnare is an intentionally vulnerable web application, where your goal is to go from a basic gopher user of the LogSnare company to the prestigious acme-admin of Acme Corporation. The application, while hosting multiple vulnerabilities,...
Ace The Game Ace The Game is the first open-source hacking tool designed for manipulating the memory of Android applications enabling users to change and freeze memory values. This tool also has an interesting...
