The applications in the home page are organized in the following six groups:

• Training applications: These are the ones that have sections dedicated to
  practice-specific vulnerabilities or attack techniques; some of them include
  tutorials, explanations, or other kinds of guidance.
• Realistic, intentionally vulnerable applications: Applications that act as real-world applications (stores, blogs, and social networks) and are intentionally left vulnerable by their developers for the sake of training.
• Old (vulnerable) versions of real applications: Old versions of real applications,
  such as WordPress and Joomla, are known to have exploitable vulnerabilities;
  these are useful to test our vulnerability identification skills.
• Applications for testing tools: The applications in this group can be used as benchmarks for automated vulnerability scanners.
• Demonstration pages/small applications: These are small applications that have only one or a few vulnerabilities, for demonstration purposes only.
• OWASP demonstration application: OWASP AppSensor is an interesting application; it simulates a social network and could have some vulnerabilities in it. But it will log any attack attempts, which is useful when trying to learn, for example, how to bypass some security devices such as a web application firewall.