Sayfalar

[BTS PenTesting Lab] A vulnerable web application to learn common vulnerabilities

The most common question from students who is learning website hacking techniques is "how to test my skills legally without getting into troubles?".  So, i always suggest them to use some vulnerable web application such as DVWA. 

However, i felt dvwa is not suitable for new and advanced techniques.  Mutillidae is one of the best web application vulnerable app to date. However, I missed some techniques/features in Mutillidae.  so i thought it is better develop our own app to teach the web application pentesting for my readers and students. 
BTS PenTesting Lab is a vulnerable web application that allows you to learn from basic to advanced  vulnerability techniques. 

Currently, the app contains following vulnerability types:
  • SQL Injection
  • Cross Site scripting(XSS)
  • Cross Site request Forgery(CSRF)
  • Clickjacking
  • Server Side Request Forgery(SSRF))
  • File Inclusion(RFI and LFI)
  • Command Execution