Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Stars: ✭ 10,451 (+8832.48%)

Mutual labels: training, hacking

Hacker Roadmap

📌 Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.

Stars: ✭ 7,752 (+6525.64%)

Mutual labels: hacking, vulnerabilities

Reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Stars: ✭ 974 (+732.48%)

Mutual labels: hacking, vulnerabilities

Ginatra

A web frontend for Git repositories

Stars: ✭ 522 (+346.15%)

Mutual labels: web-application, web-app

Pentesting toolkit

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Stars: ✭ 1,268 (+983.76%)

Mutual labels: hacking, vulnerabilities

Theorytracker

🎼 HTML5/WebAudio multi-track functional harmony analysis and songwriting app! -- https://hlorenzi.github.io/theorytracker/

Stars: ✭ 62 (-47.01%)

Mutual labels: web-application, web-app

Budget

Get a grip on your finances.

Stars: ✭ 609 (+420.51%)

Mutual labels: web-application, web-app

Hackerone Lessons

Transcribed video lessons of HackerOne to pdf's

Stars: ✭ 101 (-13.68%)

Mutual labels: training, hacking

Dvwa

Damn Vulnerable Web Application (DVWA)

Stars: ✭ 5,727 (+4794.87%)

Mutual labels: training, hacking

Litecloud

User management system for the server (Home Cloud).

Stars: ✭ 26 (-77.78%)

Mutual labels: web-application, web-app

Payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Stars: ✭ 32,909 (+28027.35%)

Mutual labels: web-application, hacking

Musicode

🎶 Markup language for music creation and analysis! -- https://hlorenzi.github.io/musicode/

Stars: ✭ 34 (-70.94%)

Mutual labels: web-application, web-app

Poc

Advisories, proof of concept files and exploits that have been made public by @pedrib.

Stars: ✭ 376 (+221.37%)

Mutual labels: hacking, vulnerabilities

Hacking

hacker, ready for more of our story ! 🚀

Stars: ✭ 413 (+252.99%)

Mutual labels: hacking, vulnerabilities

Jaeles

The Swiss Army knife for automated Web Application Testing

Stars: ✭ 1,073 (+817.09%)

Mutual labels: hacking, vulnerabilities

Adoptoposs

Finding co-maintainers for your open source software project.

Stars: ✭ 93 (-20.51%)

Mutual labels: web-application, web-app

View All Similar Projects ➔

Damn Vulnerable Web Application Docker container

Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment.

The aim of DVWA is to practice some of the most common web vulnerability, with various difficultly levels, with a simple straightforward interface. Please note, there are both documented and undocumented vulnerability with this software. This is intentional. You are encouraged to try and discover as many issues as possible.

WARNING This image is vulnerable to several kinds of attacks, please don't deploy it to any public servers.

Run this image

To run this image you need docker installed. Just run the command:

docker run --rm -it -p 80:80 vulnerables/web-dvwa

And wait until it download the image and start it, after that you can see the image running in your local machine:

Just click on the Create / Reset database button and it will generate any aditional configuration needed.

Login with default credentials

To login you can use the following credentials:

Username: admin
Password: password

Set the dificulty level

The default dificulty level is the impossible level, you can change it in DVWA Security item in the left menu.

Hack and have fun !

If you are playing it in low dificulty, just to have a taste of how exploit a flaw in this app, go to SQL Injection in the left menu. In the id field, add this query:

%' and 1=0 union select null, concat(user,':',password) from users #

There are several other ways and other vulnerabilities do exploit, go ahead, have fun !

About DVWA

You can visit DVWA official website and official github repository if you want more information.

Disclaimer

This or previous program is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that me (opsxcq) is not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of these programs is not opsxcq's responsibility.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 117

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (5) 🔗