A vulnerable web app for security research/pentesting training.
This application is build on purpose to be vulnerable for security research and as a pentesting exercise. Please, do not use this application in a production environment. I do not take any responsibility if your production environment got hacked because you tried using this as a legitimate app. I also do not take any responsibility if you connected this web app to the internet, resulting in your home network getting hacked. Keep it on a virtual machine and/or on a well isolated network.
- Linux
- Apache
- MySQL
- PHP 5.6
- Bootstrap (front-end)
- SQL Injection
- Remote Code Execution
- XSS