Skip to content

@codacy-security codacy-security

Change the repository type filter

All

    Repositories list

    25 repositories

    • rust-goat

      Public
      Simple REST API with vulnerabilities written in Rust
      Rust
      Other
      2000Updated Apr 7, 2026Apr 7, 2026

    • juice-shop

      Public
      OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
      TypeScript
      MIT License
      17k001Updated Apr 7, 2026Apr 7, 2026

    • wrongsecrets

      Public
      Vulnerable app with examples showing how to not use secrets
      Java
      GNU Affero General Public License v3.0
      546000Updated Apr 7, 2026Apr 7, 2026

    • terragoat

      Public
      TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration e…
      HCL
      Apache License 2.0
      5.7k001Updated Apr 7, 2026Apr 7, 2026

    • claude-code-breach

      Public
      Claude Code Snapshot for Research. All original source code is the property of Anthropic.
      TypeScript
      107k200Updated Mar 31, 2026Mar 31, 2026

    • railsgoat

      Public
      A vulnerable version of Rails that follows the OWASP Top 10
      HTML
      MIT License
      793001Updated Dec 5, 2025Dec 5, 2025

    • supplygoat

      Public
      "Vulnerable by Design" supply chain is a learning and training project that demonstrates how common configuration errors can find their way into production clou…
      Ruby
      Apache License 2.0
      283000Updated Aug 27, 2025Aug 27, 2025

    • semgrep-rules

      Public
      Semgrep rules registry
      Solidity
      Other
      518000Updated Nov 11, 2024Nov 11, 2024

    • sbt-dependency-lock

      Public
      sbt plugin for creating dependency lockfiles
      Scala
      Apache License 2.0
      6000Updated Jul 4, 2024Jul 4, 2024

    • BenchmarkJava

      Public
      OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools.
      Java
      GNU General Public License v2.0
      1.4k000Updated May 8, 2024May 8, 2024

    • sample_secrets

      Public
      Python
      145000Updated Feb 2, 2024Feb 2, 2024

    • govwa

      Public
      Go
      329000Updated Jan 8, 2024Jan 8, 2024

    • gitlab-sast-rules

      Public
      Java
      MIT License
      0100Updated Nov 16, 2023Nov 16, 2023

    • example-package-dealer

      Public
      Example package for use with the Swift Package Manager
      Swift
      Apache License 2.0
      124000Updated Oct 25, 2023Oct 25, 2023

    • cfngoat

      Public
      Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration …
      641000Updated Aug 18, 2023Aug 18, 2023

    • horusec-examples-vulnerabilities

      Public
      Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
      Elixir
      Apache License 2.0
      39000Updated Jul 5, 2023Jul 5, 2023

    • DVIA-v2

      Public
      Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable.
      Swift
      MIT License
      230000Updated Jun 23, 2023Jun 23, 2023

    • DVWA

      Public
      Damn Vulnerable Web Application (DVWA)
      PHP
      GNU General Public License v3.0
      4.7k000Updated Jun 19, 2023Jun 19, 2023

    • Vulnerable-Flask-App

      Public
      Intentionally Vulnerable Flask app for use in Demos
      Python
      158000Updated May 23, 2023May 23, 2023

    • cdkgoat

      Public
      CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors …
      Python
      Apache License 2.0
      53000Updated May 9, 2023May 9, 2023

    • lets-be-bad-guys

      Public
      A deliberately-vulnerable website and exercises for teaching about the OWASP Top 10
      HTML
      Other
      376000Updated Mar 10, 2023Mar 10, 2023

    • kustomizegoat

      Public
      Vulnerable Kustomize Kubernetes templates for training and education
      HTML
      102000Updated Jun 21, 2022Jun 21, 2022

    • bicepgoat

      Public
      BicepGoat is Bridgecrew's "Vulnerable by Design" Bicep and ARM repository. BicepGoat is a learning and training project that demonstrates how common configurati…
      Bicep
      Apache License 2.0
      42000Updated May 20, 2022May 20, 2022

    • vaas-cve-2014-6271

      Public
      Vulnerability as a service: showcasing CVS-2014-6271, a.k.a. Shellshock
      Dockerfile
      GNU General Public License v2.0
      7000Updated Oct 8, 2019Oct 8, 2019

    • WebGoat.NET

      Public
      OWASP WebGoat.NET
      C#
      724000Updated Aug 20, 2015Aug 20, 2015
    ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.