From 455daf8903b19075d4bcafee47d87135a955d662 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Rainho?= <arainho.it@gmail.com>
Date: Sat, 23 Apr 2022 00:50:46 +0100
Subject: [PATCH] new entries on Deliberately vulnerable APIs

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 4d388aa..188dec9 100644
--- a/README.md
+++ b/README.md
@@ -86,8 +86,10 @@
 | [dvws-node](https://github.com/snoopysecurity/dvws-node) | Damn Vulnerable Web Service is a vulnerable web service/API/application that we can use to learn webservices/API vulnerabilities. |
 | [Generic-University](https://github.com/InsiderPhD/Generic-University) | Vulnerable API with Laravel App |
 | [Pixi](https://github.com/DevSlop/Pixi) | The Pixi module is a MEAN Stack web app with wildly insecure APIs! |
+| [REST API Goat](https://github.com/optiv/rest-api-goat) | This is a "Goat" project so you can get familiar with REST API testing. |
 | [VAmPI](https://github.com/erev0s/VAmPI)| Vulnerable REST API with OWASP top 10 vulnerabilities for APIs |
 | [vAPI](https://github.com/roottusk/vapi)| vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises. |
+| [vulnerable-graphql-api](https://github.com/CarveSystems/vulnerable-graphql-api) | A very vulnerable implementation of a GraphQL API. |
 | [Websheep](https://github.com/marmicode/websheep) | Websheep is an app based on a willingly vulnerable ReSTful APIs. |
 
 ## Design, Architecture, Development