Vulnerable Web Application helps you test your penetration testing skills or learn penetration testing and help developers better understand web application security processes.
This application has been created for beginners and educators to teach / learn the security of web applications. Do not hesitate to edit / add code to this application.
Do not upload it to your hosting provider's public HTML file or to any web server that browses the Internet, as it will be compromised.
I suggest you use docker, but you can use XAMPP or WAMP and use the folder /src/
$ docker-compose up --build server
Supported vulnerabilities
- Sql Injection
- Blind Sql Injection
- Authentication Bypass
- XSS Stored
- XSS Reflected
- Fillet Upload
- Cross-Site Request Forgery
- Remote File Inclusion
- Local File Disclosure / Download
- Remote Code Execution
- Remote Command Execution
- PHP Object Injection
To install, enter the mysql database credentials in src / config / config.php
You can download it program from here.