Intentionally vulnerable Android application.

Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.

🔬 A collection of test cases in the Java language. It contains examples for 112 different CWEs.

MobSF related Presentations, Slides and Others.

A SpringBoot Application that is vulnerable to value fuzzing

G-Unsecure

A deliberately insecure Java web application

Purposely vulnerable Java äpplication to help lead secure coding workshops

Extremely Vulnerable Blog