Sorry for weird funny title. Every security folks know about OWASP Web goat project, one most successful project of OWASP.
WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.
Just copy following quote from OWASP wiki why the name is WebGoat.
Why the name "WebGoat"? Developers should not feel bad about not knowing security. Even the best programmers make security errors. What they need is a scapegoat, right? Just blame it on the 'Goat!
But there are also other OWASP goat(s) project available less people know about them.
OWASP .NET Goat
One of them is OWASP .NET Goat. Will be found is Codeplex.OWASP .NET Goat is a webgoat style security learning application written in C#.
Well what about iPhone, Yes OWASP owasp-igoat is for apple iPhone.This OWASP iGoat project is a security learning tool for iOS developers to learn about security weaknesses in iOS -- by breaking things as well as fixing them.
OWASP-iGoat project home.
Happy learning… if anyone know other goat please write on comment.