InsecureWebApp

InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.

Project Samples

Report servlet vulnerable to html-injection (xss)

After updating the user table, the hacker logs in

Using the forgot-password form to become the administrator

Reviewing source code for vulnerabilities

The product listing page can list login information too

Project Activity

See All Activity >

License

Apache License V2.0

Follow InsecureWebApp

InsecureWebApp Web Site

Other Useful Business Software

Gen AI apps are built with MongoDB Atlas

Build gen AI apps with an all-in-one modern database: MongoDB Atlas

MongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.

Start Free

Rate This Project

User Reviews

Be the first to post a review of InsecureWebApp!

Additional Project Details

Languages

English

Intended Audience

Developers

User Interface

Web-based

Programming Language

Java

Database Environment

JDBC

Related Categories

Java Security Software, Java Internet Software, Java Education Software, Java Penetration Testing Tool

Registered

2005-03-31

Similar Business Software

Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Quixxi

Quixxi is a leading provider of mobile app security solutions that empowers enterprises and security professionals to secure their mobile applications. Quixxi is proud to be the only provider of a patented and proprietary mobile app security solution. Our services includes SCAN, SHIELD, and...

See Software
PatrOwl

PatrowlHears supports your vulnerability watch process for your internal IT assets (OS, middleware, application, Web CMS, Java/.Net/Node library, network devices, IoT). Vulnerabilities and related exploitation notes at put at your disposal. Scan continuously websites, public IP, domains and...

See Software
Syhunt Hybrid

Syhunt dynamically injects data in web applications and analyzes the application response to determine if the application code is vulnerable, automating the web application security testing and proactively guarding your organization's Web infrastructure against several kinds of web application...

See Software
Indusface WAS

Get the most comprehensive application security audit done today. Indusface WAS with its automated scans & manual pen-testing ensures none of the OWASP Top10, business logic vulnerabilities and malware go unnoticed. With zero false positive guarantee and comprehensive report with remediation...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software