OWASP Broken Web Applications Project

5 Reviews

Downloads: 1,378 This Week

Last Update: 2016-09-29

Download

Get an email when there's a new version of OWASP Broken Web Applications Project

Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with their no-cost and commercial VMware products.

Features

OWASP
Virtual Machine
Vulnerable Web Apps

Project Samples

Project Activity

See All Activity >

Follow OWASP Broken Web Applications Project

OWASP Broken Web Applications Project Web Site

Other Useful Business Software

Supercharge Your Manufacturing with Easy MRP and MES Software

Designed for SME manufacturers who want to reduce wasteful manual processing, save time and increase profits.

Flowlens eliminates stock-outs, shortage and overstocks, avoiding costly production delays. Stay in control of inventory levels and keep production running smoothly with real-time visibility and easy-to-use stock management. Import bulk data with ease.

Learn More

Rate This Project

User Ratings

3.8 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 3 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 3 / 5

User Reviews

Filter Reviews:

All

infoheist Edited 2025-09-29

I'm very disappointed in how entitled people are these days including jayachandra614. This is a free product so you would think that one would be appreciative of anything free this day and age and not be so entitled and down-right demanding. 1 star really? Maybe you should keep your mouth shut and go create one for ios yourself. Your little rant is the equivalent of a 3-year-old sitting down in the middle of the store and beating the ground and screaming because their mother who is buying them candy wouldn't buy them a specific flavor of candy. Grow up... If you would have given the man a real score, he is more deserving of I wouldn't have to call you out jayachandra614. If you were any type of experienced pentester at all you would know that the industry doesn't acknowledge ios as a serious pentesting platform. I am trying to give you a wakeup call before someone handles business one day with you in person and you don't see it coming... smh skiddies will never grow up and will never see the error of their ways until it is too late.
jayachandra614 Edited 2025-07-19

I'm very disappointed it doesn't support for macbook that too in this technical era, ASAP Make this OWASP Broken Web Applications Project compatible to mackbook - UTM or Vmware or virtual box.
legendtarek Posted 2016-12-03

I can't extract the downloaded file, it tells me that file corrupted that happened with all the used extractors (rar, .7z, zip, ...) is it really corrupted or there is something needs to be done ??
svobodds Posted 2014-09-06

This is great for testing skills, only thing I would add (so far) would be to add a generic page portal page for the 'Bricks' login pages after the SQL injection exploiting, to show a portal page, and the system you just accessed instead of just "logon success" banner. Otherwise it's great. I will be telling my fellow IT security classmates about this virtual machine
tfileme Posted 2013-05-14

Thanks for Owaspbwa, it's good!

1 user found this review helpful.

Additional Project Details

Registered

2010-03-05

Report inappropriate content

Supercharge Your Manufacturing with Easy MRP and MES Software

Designed for SME manufacturers who want to reduce wasteful manual processing, save time and increase profits.

Learn More

Recommended Projects

OWASP Bricks
Web application security learning platform built on PHP and MySQL
VPLE
Vulnerable Pentesting Lab Environment
Retire.js
Scanner detecting the use of JavaScript libraries
PVPLE
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" Will also run on the ProxMox server to understand how to do it pls refer to the doc in the zip named "Cybersecurity Lab Deployment on Proxmox" The default login and password is administrator: password. List Of All Labs in one VM:- 1. Web-DVWA 2. Mutillidae 3. Webgoat 4. Bwapp 5. Juice-shop 6. Security-ninjas 7. WordPress We are adding more labs in few days
OWASP Mobile Application Security
Manual for mobile app security testing and reverse engineering