InsecureWebApp

InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.

Project Samples

Report servlet vulnerable to html-injection (xss)

After updating the user table, the hacker logs in

Using the forgot-password form to become the administrator

Reviewing source code for vulnerabilities

The product listing page can list login information too

Project Activity

See All Activity >

License

Apache License V2.0

Follow InsecureWebApp

InsecureWebApp Web Site

Other Useful Business Software

Cloud-based help desk software with ServoDesk

Full access to Enterprise features. No credit card required.

What if You Could Automate 90% of Your Repetitive Tasks in Under 30 Days? At ServoDesk, we help businesses like yours automate operations with AI, allowing you to cut service times in half and increase productivity by 25% - without hiring more staff.

Try ServoDesk for free

Rate This Project

User Reviews

Be the first to post a review of InsecureWebApp!

Additional Project Details

Languages

English

Intended Audience

Developers

User Interface

Web-based

Programming Language

Java

Database Environment

JDBC

Related Categories

Java Security Software, Java Internet Software, Java Education Software, Java Penetration Testing Tool

Registered

2005-03-31

Similar Business Software

ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Criminal IP

Criminal IP is a comprehensive threat intelligence search engine that detects vulnerabilities of personal and corporate cyber assets in real time and facilitates preemptive responses accordingly. Originated from the idea that individuals and corporations would be able to strengthen their cyber...

See Software
Parasoft

Parasoft helps organizations continuously deliver high-quality software with its AI-powered software testing platform and automated test solutions. Supporting embedded and enterprise markets, Parasoft’s proven technologies reduce the time, effort, and cost of delivering secure, reliable, and...

See Software
ZeroPath

ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix...

See Software