Skip to content

postworthy/ExploitableApp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

218 Commits
ExploitableApp.Data
ExploitableApp.Data
 
 
ExploitableApp.SSO
ExploitableApp.SSO
 
 
ExploitableApp.WebService
ExploitableApp.WebService
 
 
ExploitableApp
ExploitableApp
 
 
HelmCharts
HelmCharts
 
 
haproxy
haproxy
 
 
ssh
ssh
 
 
.DS_Store
.DS_Store
 
 
.dockerignore
.dockerignore
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
CNAME
CNAME
 
 
ExploitableApp.sln
ExploitableApp.sln
 
 
ExploitableAppArchitecture.png
ExploitableAppArchitecture.png
 
 
README.md
README.md
 
 
Thumbs.db
Thumbs.db
 
 
_config.yml
_config.yml
 
 
build.bat
build.bat
 
 
docker-compose.dcproj
docker-compose.dcproj
 
 
docker-compose.override.yml
docker-compose.override.yml
 
 
docker-compose.yml
docker-compose.yml
 
 
prod-docker-compose.yml
prod-docker-compose.yml
 
 
rpi-docker-compose.yml
rpi-docker-compose.yml
 
 
rpi.sh
rpi.sh
 
 
waf-docker-compose.yml
waf-docker-compose.yml
 
 

Repository files navigation

What is the Exploitable App?

Exploitable App is a sandbox for exploring the various ways that applications can be exploited by attackers. Designed to emulate a banking application with various vulnerabilities the Exploitable App is a learning platform that attempts to teach about common web security flaws. The Exploitable App contains generic security flaws that apply to most web applications and it also contains vulnerabilities that specifically pertain to the .NET framework. The vulnerabilities in this app are intented to teach about application security and the code is commented in a way that will allow developers to follow along and learn how to avoid the most common vulnerabilities.

Network Architecture

Exploitable App Network Architecture

Start Hacking Fast

Install Prerequisites
Run on Windows Docker for Desktop
git clone https://github.com/postworthy/ExploitableApp.git
cd ExploitableApp/HelmCHarts
.\docker-desktop-install.ps1
Run on Mac
git clone https://github.com/postworthy/ExploitableApp.git
cd ExploitableApp/HelmCHarts
.\docker-desktop-install.sh

Looking for old instructions

Old Instructions

Run in Azure [From Linux, Mac, Windows via WSL/WSL2]

git clone https://github.com/postworthy/ExploitableApp.git
cd ExploitableApp/HelmCHarts
.\aks-install.sh

Dive into the Code

Because the application is built using .NET Core you will want to start by getting the latest version of Visual Studio which is currently available for Windows and Mac. You will then need to install Docker for your system. Last but not least you will want to install Git for pulling the latest code from the repo.

After you have navigated to your working folder you will want to get the latest code for the project using git

Windows & Mac
git clone https://github.com/postworthy/ExploitableApp.git

Once you have cloned the repo open the ExploitableApp.sln file to start exploring the code.

Licensing

For Open Source Projects

If you are developing and distributing open source applications under the GPL License, then you are free to use this project under the GPL License. GPL FAQ

Commercial, Enterprise and Government Projects

Contact me at [email protected] for more information on Commercial, Enterprise, and Government use of the this project.

About

A .NET core project for web based pen testing

exploitable.app

Topics

docker enterprise exploit hacking cybersecurity exploits web-vulnerability-scanner vulnerabilities cyber-security dvwa dvwa-docker pen-test-tools pen-testing

Resources

Readme
Activity

Stars

8 stars

Watchers

3 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages