| Name | Description |
|---|---|
| APISandbox | Pre-Built Vulnerable Multiple API Scenarios Environments Based on Docker-Compose. |
| crAPI | completely ridiculous API (crAPI) |
| Damn-Vulnerable-GraphQL-Application | Damn Vulnerable GraphQL Application is intentionally vulnerable implementation of Facebook's GraphQL technology to learn and practice GraphQL Security. |
| DamnVulnerableMicroServices | This is a vulnerable microservice written in many languages to demonstrating OWASP API Top Security Risk (under development) |
| dvws-node | Damn Vulnerable Web Service is a vulnerable web service/API/application that we can use to learn webservices/API vulnerabilities. |
| Generic-University | Vulnerable API with Laravel App |
| VAmPI | Vulnerable REST API with OWASP top 10 vulnerabilities for APIs |
| Websheep | Websheep is an app based on a willingly vulnerable ReSTful APIs. |
GraphQL https://github.com/twseptian/graphql-security-labs
Triedfull API https://github.com/payatu/Tiredful-API/