# Web Application Testing References ## Vulnerable Servers There are a series of vulnerable web applications that you can use to practice your skills in a safe environment. You can get more information about them in the [vulnerable_servers directory in this repository](https://github.com/The-Art-of-Hacking/art-of-hacking/tree/master/vulnerable_servers). ## A Few Popular Tools The following are a few popular tools that you learned in the video courses part of these series: * [Burp Suite](https://portswigger.net/burp) * [OWASP Zed Attack Proxy (ZAP)](https://github.com/zaproxy/zaproxy) * [sqlmap](http://sqlmap.org/) * [Paros Proxy](http://sectools.org/tool/paros/) * [httrack](https://www.httrack.com/) * [skipfish](https://code.google.com/archive/p/skipfish/) ## How to Integrate OWASP ZAP with Jenkins You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin). [This video](https://www.youtube.com/watch?v=mmHZLSffCUg) provides an overview of how to integrate