bWapp Vulnerable Image


Some vulnerable test apps are fun, some provide a rich learning experience. bWapp, written by Malik Mesellem of ITSec Games,  manages to blend the two. bWapp does not pretend to be anything such as a bank or store, instead it structures itself by the challenges using an easy pull down menu. While not an actual scoreboard, the menu does provide the user some ability to track their progress and know the remaining challenges.








Walk throughs:

You can find some helpful walk throughs on Vulnhub as well as YouTube. The author also claims he will send you cheat sheets if you reach out to him on Twitter.


bWapp has three settings- low, medium and high. Low is appropriate for beginners but would bore more experienced web hackers. The high level provides some better challenges.

bWapp levels