Vulnerable Apps To (Legally) Practice Your Hacking Skills! Offensive security is a growing sector in the IT world. The role of a penetration tester is bigger than some year ago because the Internet now is a concrete part of the everyday life, work, and habits. Use these vulnerable apps to practice your hacking skills so you can be the best defender you can. Always remember: Deliberate practice improves the performance!\u00a0 Here's the list of Vulnerable Web Apps; \t bWAPP \t DVWA \t OWASP Hackademic Challenges Project\u00a0\u00a0\u00a0\u00a0 \t Extreme Vulnerable Node Application \t NOWASP Mutillidae \t OWASP Juice Shop \t Rapid7 Hackazon \t WackoPicko \t Xtreme Vulnerable Web Application \t OWASP WebGoat Project \t Peruggia \t Hackthis \t Crack Me Bank \t Zero Bank These Vulnerable Apps are designed to help you understand the following security issues. \tSQL Injection \u2013 Error Based \tSQL Injection \u2013 Blind \tOS Command Injection \tXPATH Injection \tFormula Injection \tPHP Object Injection \tUnrestricted File Upload \tReflected Cross-Site Scripting \tStored Cross-Site Scripting \tDOM Based Cross Site Scripting \tServer-Side Request Forgery (Cross Site Port Attacks) \tFile Inclusion \tSession Issues \tInsecure Direct Object Reference \tMissing Functional Level Access Control \tCross-Site Request Forgery (CSRF) \tCryptography \tUnvalidated Redirect & Forwards \tServer Side Template Injection \t& much more ... Good Luck and Happy Hacking! You may also be interested in reading, Web Security for Anybody and a Step by Step Guide on\u00a0a\u00a0How to Create Your First Ethical Hacking Environment. What other sites have you used to practice on? Let us know below!