bWAPP v-1.0 released

bWAPP or a buggy web application is a free and open source web application build to allow security enthusiasts,
students and developers to better secure web applications.
It is for educational purposes only.


bWAPP contains a lot of vulnerabilities from the OWASP Top 10 project.

tool includes:

*/ injection vulnerabilities like SQL, HTML, command and mail injections.
*/ Cross-Site Scripting (XSS)
*/ Cross-Site Request Forgery (CSRF)
*/ malicious file uploads
*/ authentication, authorization and session management issues
*/ directory traversal
*/ information disclosures
*/ configuration issues
*/ and much more…

bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux and Windows using Apache/IIS and MySQL. It can also be installed with WAMP or XAMPP.
Download : (3.4 MB)
Find other version |
Resources :