SamuraiWTF (Web Training and Testing Framework) is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing and training environment. We have built the environment using Vagrant and Ansible to provide the easiest and most cross-platform mechanism to build and enhance the environment.

SamuraiWTF is built with one primary goal, Training. The environment contains a series of vulnerable applications and the tools necessary to learn how to assess various security risks.


The scripts and resources belonging to this project itself are licensed under the GNU Public License version 3 (GPL3). All software loaded into the VM, including the tools, targets, utilities, and operating system itself retain their original license agreements.

Getting Involved

Contributors are very welcome and the contribution process is standard:

fork this project make your contribution submit a pull request Substantial or Regular contributors may also be brought in as full team members. This includes those who have made substantial contributions to previous versions of SamuraiWTF with the assumption they will continue to do so.


Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.