Skip to content
/ NastyWebHackme Public

Broken web app intentionally built with pentesting obstacles

License

GPL-2.0 license
15 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

thomaspatzke/NastyWebHackme

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits

static

static

 
 

templates

templates

 
 

BrokenApp.py

BrokenApp.py

 
 

Burp Session Handling.pdf

Burp Session Handling.pdf

 
 

BurpSessionHandling.burp-projectopts.json

BurpSessionHandling.burp-projectopts.json

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

ServerSideSession.py

ServerSideSession.py

 
 

Repository files navigation

Docker

The easiest way to run the application is to use Docker. Run the following command line to build the container:

docker build -t nastywebhackme .

Run the app then with:

docker run -p 8001:8001 -d nastywebhackme

Install

  1. Install Python 3.4 + virtualenv
  2. (optional) virtualenv -p python3 pyenv
  3. (optional) . pyenv/bin/activate
  4. pip3 install flask

Run

  1. (if in virtualenv) . pyenv/bin/activate
  2. python3 BrokenApp.py
  3. Open http://localhost:8001 in your browser

Credentials: user/pass

Burp

The file BurpSessionHandling.burp-projectopts.json can be loaded as project options file and contains session handling rules to solve the challenges from the slides in Burp Session Handling.pdf.

About

Broken web app intentionally built with pentesting obstacles

Resources

Readme

License

GPL-2.0 license
Activity

Stars

15 stars

Watchers

3 watching

Forks

8 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages