VuCSA – Vulnerable Client-Server Application – Made For Learning/Presenting How To Perform Penetration Tests Of Non-Http Thick Clients

Vulnerable Client-Server Application Vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface). Currently the vulnerable application contains the following challenges: Buffer Over-read (simulated) Command Execution SQL Injection Enumeration XML Horizontal Access Control Vertical Access Control If youRead More

Cicd-Goat – A Deliberately Vulnerable CI/CD Environment

Deliberately vulnerable CI/CD environment. Hack CI/CD pipelines, capture the flags. Created by Cider Security. Description The CI/CD Goat project allows engineers and security practitioners to learn and practice CI/CD security through a set of 10 challenges, enacted against a real, full blown CI/CD environment. The scenarios are of varying difficulty levels, with each scenario focusingRead More

Erlik – Vulnerable Soap Service

Erlik – Vulnerable Soap Service Tested – Kali 2022.1 Description It is a vulnerable SOAP web service. It is a lab environment created for people who want to improve themselves in the field of web penetration testing. Features It contains the following vulnerabilities. LFI SQL Injection Informaion Disclosure Command Inejction Brute Force Deserialization Installation gitRead More

VAmPI – Vulnerable REST API With OWASP Top 10 Vulnerabilities For Security Testing

The Vulnerable API (Based on OpenAPI 3)  VAmPI is a vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs. It was created as I wanted a vulnerable API to evaluate the efficiency of tools used to detect security issues in APIs. It includes a switch on/off toRead More

EDRSandblast – Tool That Weaponize A Vulnerable Signed Driver To Bypass EDR Detections And LSASS Protections

EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections (Kernel callbacks and ETW TI provider) and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring. As of release, combination of userland (–usermode) and Kernel-land (–kernelmode) techniques were used to dump LSASS memory underRead More

vAPI – Vulnerable Adversely Programmed Interface Which Is Self-Hostable API That Mimics OWASP API Top 10 Scenarios Through Exercises

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises. Requirements PHP MySQL PostMan MITM Proxy Installation (Docker) docker-compose up -d Installation (Manual) Copying the Code cd <your-hosting-directory> git clone Setting up the Database Import vapi.sql into MySQL Database Configure the DBRead More

TerraGoat – Vulnerable Terraform Infrastructure

TerraGoat is Bridgecrew’s “Vulnerable by Design” Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. Introduction TerraGoat was built to enable DevSecOps design and implement a sustainable misconfiguration prevention strategy. It can be used to test a policy-as-code framework like BridgecrewRead More

Ninjasworkout – Vulnerable NodeJS Web Application

Damn Vulnerable NodeJS Application Quick Start Download the Repo => run npm i Afer Installing all dependency just run the application node app.js or nodemon app.js ADDED BUGS Prototype Pollution No SQL Injection Cross site Scripting Broken Access Control Broken Session Management Weak Regex Implementation Race Condition CSRF -Cross Site Request Forgery Weak Bruteforce ProtectionRead More

WannaRace – WebApp Intentionally Made Vulnerable To Race Condition For Practicing Race Condition

WebApp intentionally made vulnerable to Race Condition Description Race Condition vulnerability can be practiced in the developed WebApp. Task is to buy a Mega Box using race condition that costs more than available vouchers. Two challenges are made for practice. Challenge B is to be solved when PHPSESSID cookie is present, cookie is auto createdRead More

log4j-scan – A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts

A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools). Fuzzing for HTTP POST Data parameters. Fuzzing for JSON data parameters. Supports DNS callback for vulnerability discovery and validation. WAF BypassRead More