Skip to content

@endpointlabs EndPoint Labs.

Change the repository type filter

All

    Repositories list

    21 repositories

    • Goatlin

      Public
      (aka Kotlin Goat) - an intentionally vulnerable Kotlin application
      Kotlin
      GNU General Public License v3.0
      127009Updated Dec 4, 2024Dec 4, 2024

    • vulnerable

      Public
      A Rails application containing multiple vulnerabilities used for demonstration purposes
      Ruby
      300018Updated Dec 4, 2024Dec 4, 2024

    • brokencrystals

      Public
      A Broken Application - Very Vulnerable!
      CSS
      MIT License
      2080038Updated Dec 2, 2024Dec 2, 2024

    • DamnVulnerableCryptoApp

      Public
      An app with really insecure crypto. To be used to see/test/exploit weak cryptographic implementations as well as to learn a little bit more about crypto, without the need to dive deep into the math behind it
      TypeScript
      MIT License
      2300103Updated Nov 28, 2024Nov 28, 2024

    • terragoat

      Public
      TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
      HCL
      Apache License 2.0
      2.4k0049Updated Nov 25, 2024Nov 25, 2024

    • vulpy

      Public
      Vulnerable Python Application To Learn Secure Development
      Python
      MIT License
      3920013Updated Nov 20, 2024Nov 20, 2024

    • railsgoat

      Public
      A vulnerable version of Rails that follows the OWASP Top 10
      HTML
      MIT License
      684005Updated Nov 19, 2024Nov 19, 2024

    • psalm

      Public
      Docker image for Psalm - https://github.com/vimeo/psalm
      Makefile
      7003Updated Nov 17, 2024Nov 17, 2024

    • privacy

      Public
      Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆
      TypeScript
      GNU General Public License v3.0
      1743017Updated Nov 15, 2024Nov 15, 2024

    • juice-shop

      Public
      OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
      TypeScript
      MIT License
      11k0033Updated Nov 13, 2024Nov 13, 2024

    • juice-shop2

      Public
      OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
      TypeScript
      MIT License
      11k0036Updated Nov 13, 2024Nov 13, 2024

    • WebGoatFork

      Public
      JavaScript
      Other
      1009Updated Nov 12, 2024Nov 12, 2024

    • WebGoat

      Public
      JavaScript
      Other
      10411Updated Nov 10, 2024Nov 10, 2024

    • NodeGoat

      Public
      The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
      HTML
      Apache License 2.0
      1.7k1011Updated Oct 13, 2024Oct 13, 2024

    • govwa

      Public
      Go
      284001Updated Jul 4, 2024Jul 4, 2024

    • VulnerableDotNetCore3Project

      Public
      .Net Core 3.0
      HTML
      00890Updated May 13, 2024May 13, 2024

    • vulnado

      Public
      Purposely vulnerable Java application to help lead secure coding workshops
      Java
      Other
      6830013Updated Feb 22, 2024Feb 22, 2024

    • VulnerableApp-php

      Public
      Vulnerable Application written in PHP
      PHP
      Apache License 2.0
      23000Updated Dec 31, 2022Dec 31, 2022

    • KaiMonkey

      Public
      KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
      HCL
      Apache License 2.0
      223000Updated Sep 6, 2022Sep 6, 2022

    • iac

      Public
      Infrastructure as Code
      HCL
      GNU General Public License v3.0
      3000Updated Jun 10, 2022Jun 10, 2022

    • govwa-1

      Public
      Go
      284000Updated Aug 12, 2021Aug 12, 2021