InsecureWebApp

InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.

Project Samples

Report servlet vulnerable to html-injection (xss)

After updating the user table, the hacker logs in

Using the forgot-password form to become the administrator

Reviewing source code for vulnerabilities

The product listing page can list login information too

Project Activity

See All Activity >

License

Apache License V2.0

Follow InsecureWebApp

InsecureWebApp Web Site

Other Useful Business Software

8 Monitoring Tools in One APM. Install in 5 Minutes.

Errors, performance, logs, uptime, hosts, anomalies, dashboards, and check-ins. One interface.

AppSignal works out of the box for Ruby, Elixir, Node.js, Python, and more. 30-day free trial, no credit card required.

Start Free

Rate This Project

User Reviews

Be the first to post a review of InsecureWebApp!

Additional Project Details

Languages

English

Intended Audience

Developers

User Interface

Web-based

Programming Language

Java

Database Environment

JDBC

Related Categories

Java Security Software, Java Internet Software, Java Education Software, Java Penetration Testing Tool

Registered

2005-03-31

Similar Business Software

Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Parasoft

"Parasoft delivers an AI‑powered software testing platform that helps organizations continuously release high‑quality software. Our solutions support embedded and enterprise teams by integrating code analysis, testing, virtualization, and coverage into the delivery pipeline to improve security,...

See Software
ZeroPath

ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix...

See Software
CMW Platform

Low-code BPMS, helps mid-size and large companies automate, and improve business processes while staying aligned with enterprise architecture and IT policies. Business and IT teams can quickly build and adapt workflows without deep coding skills. BPM suite supports common use cases like CapEx...

See Software