OWASP SamuraiWTF is a complete linux desktop for use in application security training. It is free and open-source, distributed both as pre-built VMs and as source code. The source consists of a Vagrantfile, static assets, and build scripts. During the build process, it retrieves a variety of tools and training targets. Most of these are open-source projects managed by their own respective teams and contributors. Some examples are:
- OWASP Juice Shop
- OWASP Zed Attack Proxy
- Mutillidae
- SQLMap
It also includes some proprietary software, such as the Community Edition of PortSwigger's Burp Suite.
OWASP SamuraiWTF welcomes and encourages issues on the GitHub repository for bugs and enhancements. If you have the skills to contribute, pull requests are also always welcome.