As Web Applications are becoming popular these days, there comes a dire need to secure them. Although there are several Vulnerability Scanning Tools, however while developing these tools, developers need to test them. Moreover, they also need to know how well is the Vulnerability Scanning tool performing.
**VulnerableApp** is built keeping these factors in mind. This project is scalable, extensible, easier to integrate and easier to learn. As solving the above issue requires addition of various vulnerabilities, hence it becomes a very good platform to learn various security vulnerabilities.
Do tryout: [https://github.com/SasanLabs/VulnerableApp](https://github.com/SasanLabs/VulnerableApp)
Also While writing vulnerableApp, i realised that vulnerabilities are quite diverse and vary from tech stack to other tech stack. Hence i am working on a project called Owasp VulnerableApp Facade. Have a look: [https://github.com/SasanLabs/VulnerableApp-facade](https://github.com/SasanLabs/VulnerableApp-facade)
Other opensource work: [https://github.com/SasanLabs/owasp-zap-jwt-addon](https://github.com/SasanLabs/owasp-zap-jwt-addon)