The BodgeIt Store is a vulnerable web application for newcomers to pen-testing automation. See Security Regression Tests with ZAProxy - Demo Setup to get an idea of this project applications. Please keep in mind that that page is thin on detail and some bits from the old project page are missing:
- list of vulnerabilities
- a Scoring page at bodgeit/score.jsp ("About Us") with 14 challenges
This project shows a case for automatic testing in the 1st place. When one is in need of just an intentionally vulnerable app he or she may be better served elsewhere. E.g. see OWASP WebGoat, OWASP Vicnum Project, or Juice Shop.
Please also note that there were attempts to mavenize this project, the original one and this one