Xtreme Vulnerable Web Application (XVWA)

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security. It’s not advisable to host this application online as it is designed to be “Xtremely Vulnerable”. We recommend hosting this application in local/controlled environment and sharpening your application security ninja skills with any tools of your own … Read more

Virtual Hacking Lab

A mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept /security training/learning purposes. Available in either virtual images or live iso or standalone formats. Virtual Hacking Lab is a free software application from the Other subcategory, part of the Network & Internet category. The app is currently available in English … Read more

Damn Vulnerable Windows

Publisher Description Download here: https://sourceforge.net/projects/dawn-vulnerability-windows/ Damn Vulnerable Windows (DVW) is a training and educational tool for IT security researchers and students. It aims to provide an insecure suite of Microsoft Windows platform packages with known security vulnerabilities which may be exploited in a lab Antivirus Information We did not scan Damn Vulnerable Windows for viruses, … Read more

Nipper – Toolkit Web Scan 1.4

Publisher Description Download: https://nipper-toolkit-web-scan.soft112.com/modal-download.html Nipper is very useful for checking the security of the type CMS (Content Management System) websites, especially if they are the most used platforms like WordPress, Drupal, Joomla, Blogger, Magento, Concrete5, VBulletin. Scan Nipper Web Toolkit will help you strengthen the security of your websites sites, performing a scan generally to … Read more

AutoRooter – PHP based Exploit

Publisher Description https://autorooter-php-based-exploit.soft112.com/download.html A PHP based auto Local Exploit trigger. It detects kernel version ,gcc and auto pwn it for specific vulnerabilities. A standard proof of concept.This PHP based script, when allows to upload on vulnerable server . AutoRooter – PHP based Exploit is a free software application from the Other subcategory, part of the … Read more

Exploitable Vulnerable Apps Operating Systems Virtual Machines VMs for Testing

Badstore: Badstore is one of the most vulnerable web application on which security researchers can practice their skills. It has vulnerabilities like cross-site scripting (XSS), SQL injection, clickjacking, password hash (MD5 decoding) and, if you’re good at penetration testing, you may find the robot.txt file and use it for further exploits. You need to download … Read more

Practice SQLi XSS CSRF, File Injection and Download DVWA Damn Vulnerable Web App

DVWA – It stands for Damn Vulnerable Web App. It is based on PHP and runs on MySQL database server, which is indeed damn vulnerable. It has three levels of security: Low, Medium, and High. Each level of security demands different skills. Developers have decided to share its source code, too, so that security researchers can … Read more