InsecureWebApp

InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.

Project Samples

Report servlet vulnerable to html-injection (xss)

After updating the user table, the hacker logs in

Using the forgot-password form to become the administrator

Reviewing source code for vulnerabilities

The product listing page can list login information too

Project Activity

See All Activity >

License

Apache License V2.0

Follow InsecureWebApp

InsecureWebApp Web Site

Other Useful Business Software

Simple, Secure Domain Registration

Get your domain at wholesale price. Cloudflare offers simple, secure registration with no markups, plus free DNS, CDN, and SSL integration.

Register or renew your domain and pay only what we pay. No markups, hidden fees, or surprise add-ons. Choose from over 400 TLDs (.com, .ai, .dev). Every domain is integrated with Cloudflare's industry-leading DNS, CDN, and free SSL to make your site faster and more secure. Simple, secure, at-cost domain registration.

Rate This Project

User Reviews

Be the first to post a review of InsecureWebApp!

Additional Project Details

Languages

English

Intended Audience

Developers

User Interface

Web-based

Programming Language

Java

Database Environment

JDBC

Related Categories

Java Security Software, Java Internet Software, Java Education Software, Java Penetration Testing Tool

Registered

2005-03-31

Similar Business Software

ZeroThreat.ai

ZeroThreat.ai is an automated penetration testing and vulnerability scanning platform designed to secure web applications and APIs. It detects, prioritizes, and helps mitigate over 40,000+ vulnerabilities, including OWASP Top 10 and CWE Top 25 issues such as logic flaws, misconfigurations, and...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Quixxi

Quixxi is a leading provider of mobile app security solutions that empowers enterprises and security professionals to secure their mobile applications. Quixxi is proud to be the only provider of a patented and proprietary mobile app security solution. Our services includes SCAN, SHIELD, and...

See Software
PatrOwl

PatrowlHears supports your vulnerability watch process for your internal IT assets (OS, middleware, application, Web CMS, Java/.Net/Node library, network devices, IoT). Vulnerabilities and related exploitation notes at put at your disposal. Scan continuously websites, public IP, domains and...

See Software
Syhunt Hybrid

Syhunt dynamically injects data in web applications and analyzes the application response to determine if the application code is vulnerable, automating the web application security testing and proactively guarding your organization's Web infrastructure against several kinds of web application...

See Software
Indusface WAS

Get the most comprehensive application security audit done today. Indusface WAS with its automated scans & manual pen-testing ensures none of the OWASP Top10, business logic vulnerabilities and malware go unnoticed. With zero false positive guarantee and comprehensive report with remediation...

See Software