The main goal of this project is to provide a laboratory for those who are interested in learning about web security development in a practical manner.
By provisioning a local lab via docker-compose you will learn how to find, test and mitigate the most critical web application security risks.
These are vulnerable applications! ๐ฅ
- A2 - Broken Authentication - Saidajaula Monster Fit
- A3 - Sensitive Data Exposure - Insecure Go Project
- A4 - XML External Entities (XXE) - ViniJr Blog
- A5 - Broken Access Control - Vulnerable Ecommerce API
- A6 - Security Misconfiguration - Vulnerable Wordpress Misconfig
- A7 - Cross-Site Scripting (XSS) - Fofocando
- A8 - Insecure Deserialization - Amarelo Designs
- A10 - Insufficient Logging&Monitoring - GamesIrados.com