Vulnerable apps is a proof of concept project containing intentionally vulnerable applications designed for deployment using Vagrant and Ansible. It provides hands-on environments for learning and practicing security testing, exploitation techniques, and defensive analysis in a controlled, reproducible setup. Users can spin up virtual machines preconfigured with deliberately insecure software to study common vulnerabilities such as injection flaws, authentication bypasses, and misconfigurations. The project leverages Vagrant for managing virtualized development environments and Ansible for automated provisioning and configuration, allowing users to quickly build, reset, and tear down target systems. This makes it suitable for security professionals, penetration testers, students, and developers who want to understand offensive and defensive security concepts, practice using security tools, or develop and test detection and mitigation strategies without risking production systems.