(opens in new window)

OWASP Vulnerable Web Applications Directory

An OWASP lab project

A comprehensive registry of known vulnerable web and mobile applications for legal security testing and training.

Thanks to our contributors.

Browse & search

Search by name or author. Filter by collection, technology, or category.

-

Loading…

About VWAD

The OWASP Vulnerable Web Applications Directory (VWAD) Project is a well-maintained registry of vulnerable web and mobile applications available for security professionals. Use them for training, tool testing, and practice in realistic environments.

Applications are classified as Online, Offline, Mobile, Containerized (Docker, VMs, ISOs), or Platform.

Contributors

Thanks to everyone who has contributed to the directory and this site across the project repositories.

Loading…