| [REST API Goat](https://github.com/optiv/rest-api-goat) | This is a "Goat" project so you can get familiar with REST API testing. |
100
100
| [VAmPI](https://github.com/erev0s/VAmPI)| Vulnerable REST API with OWASP top 10 vulnerabilities for APIs |
101
101
| [vAPI](https://github.com/roottusk/vapi)| vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises. |
102
+
| [vuln-graphql-api](https://github.com/kaakaww/vuln-graphql-api) | A very vulnerable implementation of a GraphQL API. |
102
103
| [vulnerable-graphql-api](https://github.com/CarveSystems/vulnerable-graphql-api) | A very vulnerable implementation of a GraphQL API. |
103
104
| [Websheep](https://github.com/marmicode/websheep) | Websheep is an app based on a willingly vulnerable ReSTful APIs. |