GitHub - playframework/play-webgoat: A vulnerable Play application for attackers.
Skip to content

A vulnerable Play application for attackers.

License

Notifications You must be signed in to change notification settings

playframework/play-webgoat

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

play-webgoat

Twitter Follow Discord GitHub Discussions StackOverflow YouTube Twitch Status OpenCollective

Build Status Repository size Scala Steward badge Mergify Status

A vulnerable Play application for attackers.

This application stays clear of the Twirl template engine for the most part, and shows where unvalidated input from the client can be improperly trusted by the application and included in the response.

Running

sbt run

Then go to http://localhost:9000.

Scala versions

Cross-building to Scala 2.13 and 3 is supported.