vulhub

This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for vulnerability research and testing. The primary CVE ID present in the context is not explicitly stated, but the repository contains various vulnerable environments, including ones...

vulhub

It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable environments based on Docker-Compose. The tool is designed to provide a simple way to create and manage vulnerable environments for web application security training. The...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector targeted by Vulhub is not explicitly stated, but based on the provided code and metadata, it appears to be a collection of various vulnerabilities, including but not limited to, SQL...

vulhub

It is an offensive tool for Vulnerability Environment Based on Docker-Compose. The repository contains a collection of pre-built vulnerable docker environments, allowing users to easily create and test vulnerable environments without requiring prior knowledge of docker. The tool includes various...

vulhub

It is an offensive tool for vulnerable environments. The repository contains a collection of pre-built vulnerable docker environments, including Flask SSTI, Apache Parsing Vulnerability, and others. The tool allows users to easily create and run vulnerable environments for testing and training...

vulhub

It is an offensive tool for Vulnerability Research. The repository contains a collection of pre-built vulnerable Docker environments, allowing users to test and research vulnerabilities without requiring prior knowledge of Docker. The tool is designed to be user-friendly, with a simple two-comman...

vulhub2

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

vulhub

It is an offensive tool for web application security training. The primary target is not explicitly stated, but based on the provided code and metadata, it appears to be a collection of vulnerable environments based on Docker-Compose. The tool includes various vulnerable environments, such as Fla...

vulhub

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to be vulnerable to various attacks. The target product/service or framework varies depending on the specific environment...

vulhub

This is an open-source collection of pre-built vulnerable docker environments. It is a collection of docker-compose files that can be used to create vulnerable environments for testing and training purposes. The environments are designed to be easy to use and require no pre-existing knowledge of...

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable Docker environment collection called Vulhub. It is an open-source project that provides a collection of vulnerable Docker environments for testing and learning purposes. The project is maintained by phith0n and is available on GitHub. The repository contains a varie...

vulhub

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

vulhub

It is an offensive tool for Docker environments. The repository contains a collection of pre-built vulnerable Docker environments, including various web applications and services, designed to demonstrate common vulnerabilities. The tool is used to create a vulnerable environment for testing and...

vulhub1

It is an offensive tool for web application exploitation. The primary vulnerability targeted is a Server-Side Template Injection SSTI in Flask, as evidenced by the presence of the flask/ssti directory. The tool is likely designed to exploit this vulnerability, allowing an attacker to inject...

vulhub1

It is an offensive tool for web application vulnerability training. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Git, InfluxDB, and more. The vulnerability class/vector is no...

vulhub

It is an offensive tool for web application security training. The primary target is the web application, specifically the Flask framework. The vulnerability class/vector is Server-Side Template Injection SSTI. The probable entry points are scripts/modules such as flask/ssti/exploit.py. Notable...

vulhub

This is a Docker Compose file for a vulnerability environment. It is a collection of services that can be used to test and demonstrate various types of vulnerabilities. The file is written in YAML format and defines the services, their ports, and the networks they use. The file contains several...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. The repository contains various vulnerable environments, each with its own set of vulnerabilities, allowing users to test and learn about different types of attacks. The environments are built using Docker and Docker...

H2Csmuggler - HTTP Request Smuggling Over HTTP/2 Cleartext (H2C)

h2cSmuggler smuggles HTTP traffic past insecure edge-server proxypass configurations by establishing HTTP/2 cleartext h2c communications with h2c-compatible back-end servers, allowing a bypass of proxy rules and access controls. See my detailed write-up below for: Technical breakdown of the...