https://pentester.land/cheatsheets/2018/10/12/list-of-Intentionally-vulnerable-android-apps.html
https://swaroopsy.gitbooks.io/owasp-igoat-setup/content/