web-app-security-lab

Vulnerable Web App — Attack & Defend Lab A deliberately-vulne...

darkmarket-vuln-lab

🕶️ Dark Market Simulator An intentionally vulnerable CTF-...

Exploit for CVE-2023-39848

DAMN VULNERABLE WEB APPLICATION Damn Vulnerable Web Applicati...

Web-Application-Security-Testing

Web Application Security Testing — DVWA Lab End-to-end web ap...

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-shell-poc A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. Recently there was a new vulnerability in log4j, a java logging library that is very widely used in the likes of elasticsearch, minecraft and numerous others. In this repository we have made and example...

编号撤回

Damn Vulnerable Web Application DVWA is a very vulnerable PHP/MySQL web application by Robin Wood Personal Developer. Help security professionals test their skills and tools in a legal environment, help web developers better understand web application security processes, and help students and...

UBUNTU-CVE-2023-29455

Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts...

Spying on old folks

We’ve tested plenty of kids GPS tracker watches over the years. Nearly all we looked at had critical security issues. For a BBC show a while back we were asked to investigate the security of similar trackers for the elderly. They’re a nice idea; allowing people to live independently for longer an...

Exploit for Buffer Underflow in Microsoft

github 军火库 web，安全，渗透，军火库 漏洞及渗透练习平台： WebGoat漏洞练习环境 https://github.com/WebGoat/WebGoat https://github.com/WebGoat/WebGoat-Legacy Damn Vulnerable Web Application漏洞练习平台 https://github.com/RandomStorm/DVWA 数据库注入练习平台 https://github.com/Audi-1/sqli-labs 用node编写的漏洞练习平台，like OWASP Node Goat...

Modern Vulnerable Web App: Hackazon

Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful API’s used by a companion mobile app providing uniquely-effective training and...

Damn Vulnerable Web App - PHP/MySQL Training Web Application that is Damn Vulnerable

Damn Vulnerable Web App DVWA is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid...

Log1 CMS 2.0 - Multiple Vulnerabilities

No description provided by source. +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email :...

Log1 CMS 2.0 Multiple Vulnerabilities

Exploit for php platform in category web applications +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Emai...

ASP.NET Hack

There were a lot of excellent talks at conferences this year, but perhaps the most interesting and far-reaching presentation was one given by researchers Thai Duong and Juliano Rizzo at Ekoparty on a crypto attack against ASP.NET applications. The “padding oracle” attack that the pair implemented...

PHPOPENCHAT 3.0.2 Cross Site Scripting AND/OR FPD

Exploit for unknown platform in category web applications ================================================= PHPOPENCHAT 3.0.2 Cross Site Scripting AND/OR FPD ================================================= The PoC: 1.- Preview This web APP is Vulnerable to xss in its instalation file but you ca...