As a developer, I’ve learned that I usually gain a better understanding of best/worst

Question

0

Asked: May 10, 20262026-05-10T22:15:00+00:00 2026-05-10T22:15:00+00:00

As a developer, I’ve learned that I usually gain a better understanding of best/worst

0

As a developer, I’ve learned that I usually gain a better understanding of best/worst practices through experience. The area of web application security isn’t really somewhere where my organization can afford to let developers learn through trial and error.

So looking for a hands-on approach to knowledge sharing of best practices in web application security, I was thinking that it would be useful to have an open source application that was deliberately built to be insecure in order to help teach junior developers about application security.

Does anyone out there know where to find something like this?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

score 0 · Answer 1 · 2026-05-10T22:15:01+00:00

There are online (hacking challenge / practice / fun ) and offline (you got the source code) apps:

Offline :

OWASP Webgoat
Foundstone Hackme Series
- Hackme Bank
- Hackme Travel
- Hackme Casino
- Hackme Books
WebMaven
SecuriBench
You can download VmWare Images of old vulnerable known CMSs, or just download them from repositories (try sourceforge or official old releases and find vulnerabilities from Securityfocus BID )

Online

More Realistic Demonstration

This is an old list I grabbed from somewhere, some of them can be down right now.

Challenge sort of examples

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

As a developer, I’ve learned that I usually gain a better understanding of best/worst

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply