OWASP/OWASP-VWAD

:warning: This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory

GitHub repository with 883 stars and 220 forks.

Topics: appsec, vulnerable-web-app, vulnerable-web-application, vulnerable, owasp

Open provider repository

24h trend summary

Trending score 0.00, activity score 0.00, stars gained not enough history, forks gained not enough history.

Latest metric snapshot

2026-06-05: 883 stars and 220 forks.

Similar repositories

  1. 1. zaproxy/zaproxy

    The ZAP by Checkmarx Core project

    GitHub repository with 15,218 stars and 2,563 forks.

    Trending score: 1.82; stars gained: +8; forks gained: +0.

    Language: Java

    Topics: zap, zap-development, dast, appsec, zaproxy, security

  2. 2. trynullsec/nullsec-s1

    Security-native LLM system for AI-generated application security.

    GitHub repository with 179 stars and 52 forks.

    Trending score: 1.39; stars gained: +27; forks gained: +12.

    Language: Python

    Topics: ai-security, appsec, code-security, llm, mcp, qlora

  3. 3. juice-shop/juice-shop

    OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

    GitHub repository with 13,276 stars and 18,206 forks.

    Trending score: 1.32; stars gained: +23; forks gained: +30.

    Language: TypeScript

    Topics: 24pullrequests, application-security, appsec, ctf, hacking, hacktoberfest

  4. 4. praetorian-inc/titus

    High-performance secrets scanner. CLI, Go library, Burp Suite extension, and Chrome extension. 487 detection rules with live credential validation.

    GitHub repository with 589 stars and 62 forks.

    Trending score: 0.98; stars gained: +7; forks gained: +0.

    Language: Go

    Topics: appsec, burp-suite-extension, chrome-extension, credential-scanner, devsecops, go

  5. 5. CyberStrikeus/CyberStrike

    AI-powered offensive security agent with 7,300+ actionable security skills. Autonomous pentesting powered by MITRE ATT&CK (2,000+ Atomic tests), CIS Benchmarks (1,500+ controls), OWASP, NIST. Lazy-loading, zero context pollution. Your AI red team.

    GitHub repository with 301 stars and 57 forks.

    Trending score: 0.51; stars gained: +2; forks gained: +0.

    Language: TypeScript

    Topics: ai, ai-agent, bug-bounty, cybersecurity, devsecops, ethical-hacking

  6. 6. SasanLabs/VulnerableApp

    OWASP VulnerableApp Project: Break it. Scan it. Reproduce it. Benchmark against it. Improve it.

    GitHub repository with 414 stars and 700 forks.

    Trending score: 0.49; stars gained: +2; forks gained: +2.

    Language: Java

    Topics: appsec, burpsuite, css, hacktoberfest, java, javascript

Trending topic: appsec

  1. 1. zaproxy/zaproxy

    The ZAP by Checkmarx Core project

    GitHub repository with 15,218 stars and 2,563 forks.

    Trending score: 1.82; stars gained: +8; forks gained: +0.

    Language: Java

    Topics: zap, zap-development, dast, appsec, zaproxy, security

  2. 2. trynullsec/nullsec-s1

    Security-native LLM system for AI-generated application security.

    GitHub repository with 179 stars and 52 forks.

    Trending score: 1.39; stars gained: +27; forks gained: +12.

    Language: Python

    Topics: ai-security, appsec, code-security, llm, mcp, qlora

  3. 3. juice-shop/juice-shop

    OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

    GitHub repository with 13,276 stars and 18,206 forks.

    Trending score: 1.32; stars gained: +23; forks gained: +30.

    Language: TypeScript

    Topics: 24pullrequests, application-security, appsec, ctf, hacking, hacktoberfest

  4. 4. praetorian-inc/titus

    High-performance secrets scanner. CLI, Go library, Burp Suite extension, and Chrome extension. 487 detection rules with live credential validation.

    GitHub repository with 589 stars and 62 forks.

    Trending score: 0.98; stars gained: +7; forks gained: +0.

    Language: Go

    Topics: appsec, burp-suite-extension, chrome-extension, credential-scanner, devsecops, go

  5. 5. CyberStrikeus/CyberStrike

    AI-powered offensive security agent with 7,300+ actionable security skills. Autonomous pentesting powered by MITRE ATT&CK (2,000+ Atomic tests), CIS Benchmarks (1,500+ controls), OWASP, NIST. Lazy-loading, zero context pollution. Your AI red team.

    GitHub repository with 301 stars and 57 forks.

    Trending score: 0.51; stars gained: +2; forks gained: +0.

    Language: TypeScript

    Topics: ai, ai-agent, bug-bounty, cybersecurity, devsecops, ethical-hacking

  6. 6. SasanLabs/VulnerableApp

    OWASP VulnerableApp Project: Break it. Scan it. Reproduce it. Benchmark against it. Improve it.

    GitHub repository with 414 stars and 700 forks.

    Trending score: 0.49; stars gained: +2; forks gained: +2.

    Language: Java

    Topics: appsec, burpsuite, css, hacktoberfest, java, javascript