GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → qazbnm456 → Vwgen

qazbnm456 / Vwgen

Licence: other
Vulnerable Web applications Generator

Programming Languages

python
139335 projects - #7 most used programming language

Labels

dockergeneratoraddonvulnerabilities

Projects that are alternatives of or similar to Vwgen

Guaka
The smartest and most beautiful (POSIX compliant) Command line framework for Swift 🤖
Stars: ✭ 1,145 (+1426.67%)
Mutual labels:  generator
Ember Attacher
Native tooltips and popovers for Ember.js
Stars: ✭ 69 (-8%)
Mutual labels:  addon
Hacker ezines
A collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-4%)
Mutual labels:  vulnerabilities
Vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+11692%)
Mutual labels:  vulnerabilities
Ttpassgen
密码生成 flexible and scriptable password dictionary generator which can support brute-force、combination、complex rule mode etc...
Stars: ✭ 68 (-9.33%)
Mutual labels:  generator
The forge
Our groundbreaking, lightning fast PWA CLI tool
Stars: ✭ 70 (-6.67%)
Mutual labels:  generator
Telosys Cli
Telosys v 3 CLI - Command Line Interface
Stars: ✭ 66 (-12%)
Mutual labels:  generator
Openvulnapi
Documentation and Tools for Cisco's PSIRT openVuln API
Stars: ✭ 73 (-2.67%)
Mutual labels:  vulnerabilities
Invoice It
📃 Generate your orders or your invoices and export them in html, pdf or buffer easily.
Stars: ✭ 69 (-8%)
Mutual labels:  generator
Vos backend
vangav open source - backend; a backend generator (generates more than 90% of the code needed for big scale backend services)
Stars: ✭ 71 (-5.33%)
Mutual labels:  generator
Mmarkdown
Interpret mmd fenced code blocks in a markdown file and generate a cooler version of it.
Stars: ✭ 67 (-10.67%)
Mutual labels:  generator
Generator Rn Toolbox
The React Native Generator to bootstrap your apps
Stars: ✭ 1,155 (+1440%)
Mutual labels:  generator
Jsoncsharpclassgenerator
JsonCSharpClassGenerator from http://jsonclassgenerator.codeplex.com/
Stars: ✭ 70 (-6.67%)
Mutual labels:  generator
Readme Md Generator
📄 CLI that generates beautiful README.md files
Stars: ✭ 9,184 (+12145.33%)
Mutual labels:  generator
Openapi Mock Generator
Progressive Web App for generating mocked data from an OpenAPI specification
Stars: ✭ 72 (-4%)
Mutual labels:  generator
Icongenerator
🍱 A macOS app to generate app icons
Stars: ✭ 1,144 (+1425.33%)
Mutual labels:  generator
Godot Engine.file Editor
A Godot Engine addon that adds a File Editor for multiple file types editing. Create and Write plain text files, configuration files and csv files with custom visualizers and previews. Also supports file translations!
Stars: ✭ 70 (-6.67%)
Mutual labels:  addon
Anchore Engine
A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
Stars: ✭ 1,192 (+1489.33%)
Mutual labels:  vulnerabilities
Addon Wireguard
WireGuard - Home Assistant Community Add-ons
Stars: ✭ 72 (-4%)
Mutual labels:  addon
Gp Vue Boilerplate
Grabarz & Partner Boilerplate is a professional front-end template for building fast, robust, and adaptable web apps or sites with vuejs.
Stars: ✭ 71 (-5.33%)
Mutual labels:  generator
View All Similar Projects ➔

Vulnerable Web applications Generator

This is the Git repo of the VWGen, which stands for Vulnerable Web applications Generator.

Relevant links: Github

Table of contents

Releases

  • 0.1.0 -- Initial release
  • 0.2.0 -- Now, VWGen can also be one of Tsaotun's addon. 🎉

Status quo

  1. Supporting very limited modules, such as SQLI, NOSQLI, LFI, CRLF, Command Injection and XSS.
  2. There are two important modules which play essential role in deploying vulnerable web apps.
    • unfilter module scrap the sites and find the keywords to be replaced by parameters.
    • expand module learn the sites and try to rearrange the elements to let child modules insert their payloads within it.
  3. Only two themes right now.
  4. Python3 is currently not supported!
  5. --file option works, but it still needs some developing. Example command: ./VWGen.py --file="$VWGen_HOME/examples/2016_ais3_web3/sample.py"

Feature

--file option makes share web challenges easily. All you need to do is provide a custom script, which defines how vulnerabilities would be made or be triggered, and each one can just load that script to spawn the same vulnerable web applications immediately.

There is a examples/ directory in the root folder, and I will put some sample scripts in it. Now, we have so many scripts!

Install

  1. Install docker binary. Only versions 1.11.0 above are supported. Check out official installing guide.
  2. sudo apt-get install -y libcurl4-gnutls-dev libcurl4-nss-dev libcurl4-openssl-dev to make pycurl happy.
  3. Pull fundamental images that we gonna use with VWGen:
    • docker pull richarvey/nginx-php-fpm:php5
    • docker pull richarvey/nginx-php-fpm:php7
    • docker pull mysql:5
    • docker pull phpmyadmin/phpmyadmin:4.6.5.1-1
    • docker pull node:7
  4. Install lxml: apt-get install python-lxml.
  5. Clone VWGen and cd to it.
  6. Install packages:
    1. Through pip
      • pip install -r requirements.txt
    2. Through pipenv
      • pip install pipenv
      • pipenv install
      • pipenv shell or pipenv shell --fancy
  7. Type ./VWGen.py --help to test if it works or check below for more instructions.

Instruction

Usage: VWGen.py [options]

Options:
--version             show program's version number and exit
-h, --help            show this help message and exit
-c, --console         enter console mode
--backend=BACKEND     configure the backend (Default: php)
--theme=THEME         configure the theme (Default: startbootstrap-
                        agency-1.0.6)
--expose=EXPOSE_PORT  configure the port of the host for container binding
                        (Default: 80)
--database=DBMS, --db=DBMS
                        configure the dbms for container linking
--modules=LIST        list of modules to load (Default: +unfilter)
--color               set terminal color
-v, --verbose         set verbosity level

Under development:
    Following options are still in development!

    --file=FILENAME     specify the file that VWGen will gonna operate on

In Brief

Which types of vulnerabilities will be generated would depend on the modules you set while you start VWGen, and following are some screenshots of VWGen:

  • ./VWGen.py -c - Enter console mode.
  • ./VWGen.py - Start VWGen with some default arguments.
  • ./VWGen.py --module="+sqli" --database="MySQL" - Start VWGen with MySQL based SQL Injection.
  • ./VWGen.py --module="+exec" - Start VWGen with command injection vulnerability.

Known issues

  1. mod_expand.py can produce defferent extensions, but it still needs user's interaction to modify source code (Warning message is provided).

Contributing to VWGen

Linux Windows MacOSX
Compatibility Docker Version Compatibility Docker Version Compatibility Docker Version

Wanna enrich the possibilities that VWGen can inspire? Send pull requests or issues immediately!

LICENSE

This project use Apache License, Version 2.0.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].