github Active

Repository profile

OWASP/NodeGoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

HTML Apache-2.0 master Stack scanned README.md

Open website Open GitHub

Stars: 2,052
Forks: 2,611
Watchers: 75
Issues: 95
Commits: 461
Awesome lists: 1

Activity and growth

Tracked growth, recent movement, and commit velocity from stored repository snapshots.

Latest capture 2026-06-22 13:22

Star growth, last 7 days: 0 0.0%
Commit velocity, last 7 days: 0 0.0%
Stars since baseline: 0
Snapshot coverage: 1

Tracked growth

1 capture since 2026-06-22

Stars from baseline 0

Time horizon

All tracked data

Custom start Custom end

Stars history

Total stars

Commits history

Default branch commits

Detected stack

Frameworks, package managers, ecosystems, and dependency manifests found during catalog scans.

Scanned 2026-06-22 13:22

Stack signals: 1
Package managers: 1
Manifest files: 2
Dependencies: 36

Frameworks and tools

Express web framework · high confidence

npm javascript

Dependency files

2 manifests

package.json javascript ecosystem, 36 dependencies
package-lock.json javascript ecosystem, 0 dependencies

Classification

Searchable topics, generated tags, and stack labels that explain where this repository fits.

Topics: 8
Tags: 0
Stacks: 1

Topics

#docker #heroku #javascript #nodegoat #nodejs #owasp-top-ten #owasp-zap #vulnerabilities

Generated tags

No generated tags yet.

Stack labels

Express

AI development signals

Agent instructions and tool configuration paths found in the repository tree.

0 paths

No AI development config files detected.

Similar repositories

Nearest indexed repositories by embedding similarity.

juice-shop/juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

13,376 stars

TypeScript 2 awesome lists

cider-security-research/cicd-goat

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

2,274 stars

Python 1 awesome list

WebGoat/WebGoat

WebGoat is a deliberately insecure application

9,167 stars

JavaScript 1 awesome list

zauberware/rails-devise-graphql

A Rails 6 boilerplate to create your next Saas product. Preloaded with graphQL, devise, JWT, CanCanCan, RailsAdmin, Rubocop, Rspec, i18n and more.

284 stars

Ruby 1 awesome list

warp-tech/warpgate

Fully transparent SSH, HTTPS, Kubernetes, MySQL and Postgres bastion/PAM that doesn't need additional client-side software

7,123 stars

Rust 1 awesome list

lirantal/is-website-vulnerable

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

2,030 stars