WebGoatPHP is a port of WebGoat to PHP and MySQL/SQLite databases. The goal is to create an interactive teaching environment for web application security by offering lessons in the form of challenges. In each challenge the user must exploit the vulnerability to demonstrate their understanding.
What is WebGoatPHP
WebGoatPHP is a deliberately insecure web application developed using PHP to teach web application security. It offers a set of challenges based on various vulnerabilities listed in OWASP. The application is a realistic teaching environment and supports four different modes.
WebGoatPHP is suitable for:
Different Operating Modes
Types Of Challenges
To contribute, fork the code on github and send a pull request. Join the discussion on our mailing list
News and Events