Vulnado - Intention1al1ly Vulnerable Java Application11

121q111111111111111111111 This applicati1on and exercises 11will 1take you through some of the OWASP top 10 Vulnerabilities and how to prevent them. 2

Up and running

1. Install Docker for MacOS or Windows. You'll need to create a Docker account if you don't already have one.
2. git clone git://github.com/ScaleSec/vulnado
3. cd vulnado
4. docker-compose up
5. Open a browser and navigate to the client to make sure it's working: http://localhost:1337
6. Then back in your terminal verify you have connection to your API server: nc -vz localhost 8080

Architecture

The docker network created by docker-compose maps pretty well to a multi-tier architecture where a web server is publicly available and there are other network resources like a database and internal site that are not publicly available.

Exercises

• SQL Injection
• XSS - Cross Site Scripting
• SSRF - Server Side Request Forgery
• RCE - Remote Code Execution & Reverse Shell

TEST TEST2 TEST3 TEST4 TEST5 TEST6 TEST7 TEST8 TEST9 TEST10 TEST11