![]() ![]() VAPI is a Vulnerable Interface that demonstrates the OWASP API Top 10 vulnerabilities in the means of exercises Web application hacking game via missions, based on real vulnerabilities.Ī small webserver vulnerable to insecure deserialization ![]() Xtreme Vulnerable Web Application Downloadįirst 2 levels online, rest offline. OWASP WrongSecrets is a vulnerable app used to show how to not use secrets. Jeroen Willemsen Ben de Haan Nanne Baars Download WAVSEP - Web Application Vulnerability Scanner Evaluation Project This is a console app, however it relates to an issues that is relevant to web apps: use of XSLT transforms for XML files. Includes attack narratives and docker options for each app.Ī docker-compose file to setup a local environment that is vulnerable to CVE-2021-36740 Varnish HTTP/2 request smuggling, presented by Albinowax at Blackhat/Defcon 2021.Ī web vulnerability lab project developed by Yavuzlar. Repository with many intentionally vulnerable web applications. Please limit the usage of scanning tools on the Labs. You can go to the demo website and login(admin / test-skf) or skip login, go to Labs menu and start a Lab you want to do. Includes manual build and docker options. Log in with jsmith/demo1234 or admin/adminĬVWA - Conviso Vulnerable Web ApplicationĭIWA - Deliberately Insecure Web Applicationĭamn Vulnerable Functions as a Service (DVFaaS)ĭamn Vulnerable GraphQL Application (DVGA)ĭamn Vulnerable NodeJS Application - Node.jsĪ set of vulnerable applications which show Oauth2.0 vulnerabilities.ĭamn Vulnerable Python Web Application - DVPWA Rewanth Tammana, Akshansh Jaiswal, Hrushikesh Kakade ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |