Vulnerable Web Application helps you test your penetration testing skills or learn penetration testing and help developers better understand web application security processes.
This app is made for beginners and educators to teach/learn web application security. Feel free to edit/add code in this application.
Do not upload it to your hosting provider's public HTML folder or anyone else's web server seen on the Internet, because it will be violated.
I suggest using docker, but you can use XAMPP or WAMP and use the folder /src/
$ docker-compose up --build server
Supported vulnerabilities
- Sql Injection
- Blind Sql Injection
- Authentication Bypass
- XSS Stored
- XSS Reflected
- File Upload
- Cross-Site Request Forgery
- Remote File Inclusion
- Local File Disclosure/Download
- Remote Code Execution
- Remote Command Execution
- PHP Object Injection
To install, enter the mysql database credentials in src / config / config.php
You can download the program from here.