WebGoat

I Use This!

Inactive

Analyzed 1 day ago. based on code collected 1 day ago.

Project Summary

WebGoat is a deliberately insecure application that allows interested developers just like you to test vulnerabilities commonly found in Java-based applications that use common and popular open source components.

In a Nutshell, WebGoat...

...
has had 2,793 commits made by 162 contributors
representing 78,000 lines of code
...
is mostly written in JavaScript
with a low number of source code comments
...
has a well established, mature codebase
maintained by nobody
with stable Y-O-Y commits
...
took an estimated 19 years of effort (COCOMO model)
starting with its first commit in January, 2008
ending with its most recent commit over 2 years ago

Quick Reference

Organization:

Open Web Application Security Project (OWASP)

Project Links:

Homepage

Code Locations:

https://github.com/WebGoat/WebGoat

Similar Projects:

Managers:

Become the first manager for WebGoat

Project Security

Vulnerabilities per Version ( last 10 releases )

There are no reported vulnerabilities

Project Vulnerability Report

Security Confidence Index

Poor security track-record

Favorable security track-record

Vulnerability Exposure Index

Many reported vulnerabilities

Few reported vulnerabilities

About Project Vulnerability Report

Did You Know...

...
nearly 1 in 3 companies have no process for identifying, tracking, or remediating known open source vulnerabilities
...
you can embed statistics from Open Hub on your site
...
there are over 3,000 projects on the Open Hub with security vulnerabilities reported against them
...
you can subscribe to e-mail newsletters to receive update from the Open Hub blog