Simon Bennetts, ZAP project lead, and myself) created the "OWASP Vulnerable Web Applications Directory (VWAD) Project", migrating the previous list to a new community OWASP project where more people can contribute and get access to the current directory of vulnerable web apps. The vulnerable web applications have been classified in three categories: online, offline, and virtual machines or ISO images.
If you are interested in contributing to the project, you have two options:
- You can directly edit the associated OWASP wiki page, if you have wiki write access permissions, and add any new web-apps in alphabetic order or correct mistakes. If possible, please let us know when you update new content.
- You can submit a git pull request to the associated GITHUB project repository.
Enjoy and contribute to the VWAD project! :-)