As Web Applications are becoming very popular these days, there comes the needs to secure them and there are many Vulnerability Scanning Tools but while developing those tools developers need to test those tools, not only that they need to know how well is the Vulnerability Scanning tool performing but there are no or very less such vulnerable applications exists for testing those tools. There are deliberately vulnerable applications exist in the market but they are not written with such an intent and hence lags extensibility e.g. adding new vulnerablities is quite difficult.
So generally developer write there own vulnerable applications but that causes productivity loss and also many times rework is done. This Project VulnerableApp is build keeping these factors in mind so this project is scalable, extensible, easiers to integrate and easier to learn.
As solving the above issue requires addition of various vulnerabilities, hence it becomes a very good platform to learn various security vulnerabilities.
As going further this application might becomes a database for vulnerabilities hence in future it can be used for hosting CTF's and also can be come a compliance for Vulnerability Scanning tools.
Contributing to opensource is always good from learning prespective as open source is the community for learn-help-grow-ing together. We really appreciate the contribution to this project but as this project is in its initial phase so we have not set any guidelines so if you are interested in contributing to this project please send an email to [email protected] or Raise an issue in the Repository and we will try our best to onboard you to this project. if you are already onboarded please raise a Github Pull Request, we will review and merge that into the master repository.
you can also raise an issue in case you are looking for learning some kind of vulnerability which is not present in the VulnerableApp, we will try to add that vulnerability asap.
Please raise a github issue for enhancement/issues in VulnerableApp or send email to [email protected] regarding queries we will try to resolve issues asap.