Show HN: OWASP VulnerableApp: Break It.Scan It.Benchmark Against It.Improve It

Category: security

Tags: security-testing, vulnerable-app, scanner-benchmarking

Score: 7.3/10 (Innovation: 7, Technical: 7, Documentation: 7, Utility: 8)

OWASP VulnerableApp is a deliberately vulnerable Java application designed for benchmarking security scanners and testing security tools in a reproducible, modular environment. Its unique focus on automation, repeatability, and extensibility for scanner validation sets it apart from traditional static vulnerable apps. It is valuable for security engineers and researchers needing a controlled, evolving testbed.

Target audience: security engineers, devops, researchers

Repository: https://github.com/SasanLabs/VulnerableApp · Java · Apache-2.0 · 416 stars

View on Hacker News