Skip to content

milad00ahmadi/yooz-vulnerable-webapp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Vulnerable Web Application

Note: The codes are a total mess, I will refactor them as soon as I can

Vulnerable web app helps you to test your skills in penetration testing or learn penetration testing and help developers better understand the processes of securing web applications.
This application has been created for beginner users and teachers to teach/learn web application security. feel free to edit/add some codes to this application.

Do not upload it to your hosting provider's public HTML folder or any internet-facing web server as it will be compromised.

I recommend using docker, but you can steel use XAMPP or WAMP and use /src/ directory

$ docker-compose up --build server

Supported Vulnerabilities

  • Sql Injection
  • Blind Sql Injection
  • Authentication Bypass
  • XSS Stored
  • XSS Reflected
  • File Upload
  • Cross Site Request Forgery
  • Remote File Inclusion
  • Local File Disclosure/Download
  • Remote Code Execution
  • Remote Command Execution
  • PHP Object Injection

For installation enter your mysql database credentials in src/config/config.php

Screenshot

Releases

No releases published

Packages

No packages published

Languages