GithubHelp home page GithubHelp logo

muqc123 / vulstudy Goto Github PK

View Code? Open in Web Editor NEW

This project forked from c0ny1/vulstudy

0.0 0.0 0.0 1.42 MB

使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。

Shell 70.91% Dockerfile 29.09%

vulstudy's Introduction

vulstudy

vulstudy是专门收集当下流行的漏洞学习平台,并将其制作成docker镜像,方便大家快速搭建环境,节省搭建时间,专注于的漏洞学习上。目前vulstudy包含以下漏洞学习平台:

序号 漏洞平台 包含漏洞 作者 语言
1 DVWA 综合 未知 php
2 bWAPP 综合 未知 php
3 sqli-labs SQL注入 Audi php
4 mutillidae 综合 OWASP php
5 BodgeIt 综合 psiinon java
6 WackoPicko 综合 adamdoupe php
7 WebGoat 综合 OWASP java
8 Hackademic 综合 northdpole php
9 XSSed XSS AJ00200 php
10 DSVW 综合 Miroslav Stampar python
11 vulnerable-node 综合 cr0hn NodeJS
12 MCIR 综合 Spider Labs php
13 XSS挑战之旅 XSS 未知 php

0x01 安装

# 安装docker
apt-get install docker.io
# 安装docker-compose
pip install docker-compose
# 下载vulstudy项目 
git clone https://github.com/c0ny1/vulstudy.git

0x02 使用

使用主要分两种:单独运行一个漏洞平台,同时运行多个漏洞平台。

1.单独运行一个漏洞平台

cd到要运行的漏洞平台下运行以下命令

cd vulstudy/DVWA
docker-compose up -d #启动容器
docker-compose stop #停止容器

2.同时运行所有漏洞平台

在项目根目录下运行以下命令

cd vulstudy
docker-compose up -d #启动容器
docker-compose stop #停止容器

主界面

0x3 FAQ

1.第一次启动bWAPP容器访问其主页会报错如下:

Connection failed: Unknown database 'bWAPP'

解决: 第一次创建应事先访问/install.php来创建数据库!

2.第一次搭建DVWA,在苹果系统下的safari浏览器下无法初始化数据库,并提示如下:

CSRF token is incorrect

解决: 使用苹果系统下的其他浏览器即可,比如Chrome。

0x4 声明

该项目只是收集了当下比较流行的漏洞学习平台,若有侵权,请联系我!同时欢迎大家提交更多有意思的漏洞学习平台,让我们一起把它们放到docker上,方便更多人的工作和学习!

vulstudy's People

Contributors

c0ny1 avatar lavon321 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.