Esta lista es una compilación de los diversos tipos de aplicaciones que intencionalmente inseguras y conocidas popularmente como «Malditas Aplicaciones Vulnerables». Estas aplicaciones están hechas para ayudar a los estudiantes de seguridad a aprender y mejorar sus habilidades en el campo de la seguridad de la información y el pentesting web, mobile, etc.
Los proyectos y el crédito completo es de los creadores de estos increíbles proyectos.
Web Applications
- PHP: https://github.com/ethicalhack3r/DVWA
- PHP – OWASP Mutillidae II – https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project
- PHP – bWAP: http://www.itsecgames.com/
- Word Press : https://github.com/vianasw/dvwps
- Node JS : https://github.com/appsecco/dvna
- NodeJS – OWASP NodeJS Goat Project: https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project
- XVNA (eXtreme Vulnerable NodeJS Application): https://github.com/vegabird/xvna
- Web Sockets : https://hub.docker.com/r/tssoffsec/dvws/
- Python : https://github.com/anxolerd/dvpwa
Web Service Applications
- Web Service : https://github.com/snoopysecurity/dvws
- API : https://github.com/payatu/Tiredful-API/
Source Code
- Source Code : https://github.com/h4x0r101/Damn-Vulnerable-Source-Code
Thick Client
- Thick Client Application : https://github.com/secvulture/dvta
- Java EE : https://github.com/appsecco/dvja
Mobile Application
- iOS Swift : https://github.com/prateek147/DVIA-v2
- iOS: https://github.com/prateek147/DVIA
- Android : https://github.com/payatu/diva-android
- Hybrid Mobile Application : https://github.com/logicalhacking/DVHMA
Crypto & Block Chain
- Crypto Wallet : https://gitlab.com/badbounty/dvcw
- Wallet : https://github.com/genecyber/Damn-Vulnerable-Wallet-App
- Block Chain : https://github.com/subashsn/dvba
OS Related
- Linux : https://www.vulnhub.com/series/damn-vulnerable-linux-dvl,1/
- Windows : https://sourceforge.net/projects/dawn-vulnerability-windows/
- Device Driver : https://github.com/pwk4m1/Damn_Vulnerable_Device_Driver
Cloud Infrastructure
- Cloud Application : https://github.com/m6a-UdS/dvca
- Cloud App (AWS) : https://github.com/RhinoSecurityLabs/cloudgoat
- Function-as-a-service (AWS Lambda) : https://github.com/we45/DVFaaS-Damn-Vulnerable-Functions-as-a-Service
- Serverless Application : https://github.com/OWASP/DVSA
IoT and Hardware
- IoT : https://github.com/Vulcainreo/DVID
- Router : https://github.com/praetorian-code/DVRF
- Safe : https://insinuator.net/2016/01/damn-vulnerable-safe/
- SCADA : https://www.slideshare.net/phdays/damn-vulnerable-chemical-process
- PI : https://whitedome.com.au/re4son/sticky-fingers-dv-pi/
- SS7 Network: https://www.blackhat.com/asia-17/arsenal.html#damn-vulnerable-ss7-network
- VoIP : https://www.vulnhub.com/entry/hacklab-vulnvoip,40/
Fuente: H4x0r101