They're often used for testing and demonstrating various web application security vulnerabilities:
- http://testasp.vulnweb.com/ - Acunetix ASP test and demonstration site
- -> This website, provided by Acunetix, serves as a test and demonstration site specifically for assessing security vulnerabilities in ASP (Active Server Pages) web applications.
- http://testaspnet.vulnweb.com/ - Acunetix ASP.Net test and demonstration site
- -> Similar to the ASP version, this site by Acunetix focuses on testing and demonstrating security vulnerabilities, but for ASP.NET web applications.
- http://testphp.vulnweb.com/ - Acunetix PHP test and demonstration site
- -> Acunetix offers a PHP-specific test and demonstration site, allowing security professionals to assess vulnerabilities in PHP web applications.
- http://zero.webappsecurity.com/ - Zero Bank
- -> Zero Bank is a fictitious online banking platform that serves as a test environment for security professionals to practice identifying and addressing web application vulnerabilities commonly found in financial applications.
- http://demo.testfire.net/ - Altoro Mutual
- -> Altoro Mutual is another demonstration site used for testing and training purposes. It provides a simulated banking web application environment with various security challenges.
- https://public-firing-range.appspot.com/ - Firing Range is a test bed for automated web application security scanners.
- -> Firing Range is a Google project and test bed for automated web application security scanners. It offers a range of exercises and scenarios to help evaluate the effectiveness of security scanning tools.
- https://xss-game.appspot.com/ - XSS challenge
- -> XSS Game, hosted by Google, is a challenge platform that focuses on cross-site scripting (XSS) vulnerabilities. It offers a series of levels with increasing difficulty to help users understand and mitigate XSS issues.
- https://google-gruyere.appspot.com/ Google Gruyere, web application exploits and defenses
- -> Google Gruyere is an open-source web application that serves as a platform to learn about web application exploits and defenses. Users can practice identifying and fixing security vulnerabilities.
- https://ginandjuice.shop/catalog - Gin and Juice Shop
- -> The Gin and Juice Shop is a deliberately vulnerable web application designed for security training and testing. It offers a catalog of security challenges and is a great resource for learning about common web application vulnerabilities.