Search Results for "vulnerable machine"
Sort By:
Showing 23 open source projects for "vulnerable machine"
View related business solutions-
Level Up Your Cyber Defense with External Threat ManagementMove beyond alerts. Gain full visibility, context, and control over your external attack surface to stay ahead of every threat.
-
Get the most trusted enterprise browserDefend against security incidents with Chrome Enterprise. Create customizable controls, manage extensions and set proactive alerts to keep your data and employees protected without slowing down productivity.
-
1
DVWA
PHP/MySQL web application
..., with a simple straightforward interface. Please note, there are both documented and undocumented vulnerabilities with this software. This is intentional. You are encouraged to try and discover as many issues as possible. Damn Vulnerable Web Application is damn vulnerable! Do not upload it to your hosting provider's public html folder or any Internet facing servers, as they will be compromised. It is recommended using a virtual machine (such as VirtualBox or VMware), which is set to NAT networking mode. -
2
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" Will also run on the ProxMox server to understand how to do it pls refer to the doc in the zip named "Cybersecurity Lab Deployment on Proxmox" The default login...
-
3
Slipstream
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP
Slipstream (also referred to as “NAT Slipstreaming”) is a proof-of-concept exploit framework that allows an attacker to remotely access any TCP or UDP service running on a victim machine inside a NAT (behind a router/firewall) simply by tricking the target to visit a malicious website. It works by abusing the NAT’s Application Level Gateway (ALG) logic and connection tracking, combined with browser capabilities like WebRTC, precise packet fragmentation or boundary control, and packet injection... -
4
An intentionally designed vulnerable machine 'boot2root' challenge for beginners. Setup You will need Virtual Box or VMWare Player to import the OVA file included in this repository. I have tested this using Windows 10 and VirtualBox version 7. 1. Set the network adapter to host-only or bridge mode, so that you can launch the virtual machine. 2. Monitor the console for messages if all goes well you should spot the VM receiving an IP address. 3. Attempt to SSH...
-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
5
Log4jScanner
A log4j vulnerability filesystem scanner and Go package
log4jscanner is a filesystem scanner and Go package that helps organizations quickly identify vulnerable Log4j components inside JARs and shaded dependencies. Instead of probing networks, it walks directories and archives, including nested JARs, to find version fingerprints and risky classes associated with the Log4Shell family of issues. The focus on static analysis makes it suitable for container images, build artifacts, and offline systems where active scanning isn’t feasible. Clear, machine... -
6
Metasploitable2-gohack
Customized Metasploitable2 VM for Beginners
This customized version of the open source Metasploitable2 virtual machine is specially modified to make it more user-friendly for beginners and K-12 hacking camps under the GenCyber program and similar middle- and high-school ethical hacking programs. This version was developed by Bryson Payne and is used in the book "Go H*ck Yourself" (Go Hack Yourself), by No Starch Press. Most of the changes are to DVWA, relabeled "Darn Vulnerable Web App" for the K-12 audience. Like the original... -
7
VPLE
Vulnerable Pentesting Lab Environment
VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" The default login and password is administrator: password. List Of All Labs in one VM:- 1. Web-DVWA 2. Mutillidae 3. Webgoat 4. Bwapp 5. Juice-shop 6... -
8
Web Security Dojo
Virtual training environment to learn web app ethical hacking.
Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script... -
9
Metasploitable
Metasploitable is an intentionally vulnerable Linux virtual machine
This is Metasploitable2 (Linux) Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. The default login and password is msfadmin:msfadmin. Never expose this VM to an untrusted network (use NAT or Host-only mode if you have any questions what that means). To contact the developers, please send email to msfdev@metasploit.com -
The All-in-One Commerce Platform for Businesses - ShopifyShopify is a leading all-in-one commerce platform that enables businesses to start, build, and grow their online and physical stores. It offers tools to create customized websites, manage inventory, process payments, and sell across multiple channels including online, in-person, wholesale, and global markets. The platform includes integrated marketing tools, analytics, and customer engagement features to help merchants reach and retain customers. Shopify supports thousands of third-party apps and offers developer-friendly APIs for custom solutions. With world-class checkout technology, Shopify powers over 150 million high-intent shoppers worldwide. Its reliable, scalable infrastructure ensures fast performance and seamless operations at any business size.
-
10
Vulnerable Operating Systems
deliberately vulnerable operating systems
VulnOS are a series of deliberately vulnerable operating systems packed as virtual machines to teach Offensive IT Security and to enhance penetration testing skills. For educational purposes! -
11
LAMPSecurity training is designed to be a series of vulnerable virtual machine images along with complementary documentation designed to teach linux,apache,php,mysql security.
-
12
Androl4b AndroL4b is an android security virtual machine based on ubuntu Mate, includes the collection of latest framework, tutorials and labs from different security geeks and researcher for reverse engineering and malware analysis. Use this link to download: https://github.com/sh4hin/Androl4b Tools: APKStudio ByteCodeViewer Lobotomy Mobile Security Framework (MobSF) DroidBox Dorzer APKtool AndroidStudio ClassyShark BurpSuite Wireshark Smartphone Pentest Framework...
-
13
Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with their no-cost and commercial VMware products.
-
14
VulnerableHero
Vulnerable Application for Education Purposes Only
OVA file with ready to go vulnerable application. This application contains a variety of security issues and should only be run in a safe environment. For education purposes only. Enjoy! Virtual Machine Login Creds: user: vhero pass: vhero Code on github: https://github.com/JakeBernier/VHero -
15
ODS3 Virtual Machine Challenge
Virtual Machine Image To Test Penetration Skills
The ODS3 Virtual Machine Challenge are downloadable images that can be run as VMWare or VirtualBox instances. The Idea behind the challenge is to test and exercise web application penetration testing in a controlled environment. These images are great for cyber security students, penetration testers and hobbyist. Care should be taken if installed on an Internet access host as the application are purposely vulnerable to attack and exploitation. -
16
Java Remote Terminal
A web browser based terminal for Unix
This is a Java based web application can be deployed in any Servlet container. Once the web application is deployed in the target servlet container, a web browser can be used to issue various Unix commands to the remote machine. This can be used as simple administration tool or this even can be used as an attacking tool in a vulnerable application server. -
17
xxe
Intentionally vulnerable web services exploitable with XXE
An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located. This zipped Ubuntu VM is set up as a Capture the Flag with those that successfully exploit the XXE vulnerability... -
18
smurfedBTR1
this is a root to boot vmware vulnerable images
the goal is to get the flag in the root directory. /root/ -
19
Web Pentesting Environment
Vulnerable Virtual Machine to Learn
... support ask me @ahmaddotninja 5. Why didn`t I setup tools ? because you should learn how to install any tool on any platform ** Installation steps :-: 1- WPE is virtual Machine so you will need VM software we recommended Oracle VM VirtualBox Get it from here https://www.virtualbox.org/wiki/Downloads 2- uncompressed WPE.7z 3- after you install VirtualBox go to the menu bar select Machine > add 4- Browse to WPE folder select WPE.vbox // we use only OpenSource or Free software -
20
Linux Exploit Suggester
Linux Exploit Suggester; based on operating system release number
Linux Exploit Suggester is a lightweight Perl script designed to help security testers quickly identify local Linux kernel privilege-escalation candidates by matching the host’s kernel/OS release string against a curated list of known vulnerable versions. It runs uname -r by default (or accepts a manual -k kernel string) and prints a suggestive, human-readable list of possible exploit names, CVEs, and references that match that kernel version. The tool intentionally keeps its logic simple... -
21
No Exploiting Me
Vulnerable VM with some focus on NoSQL
This vulnerable VM is meant to act as a practice virtual machine for security researchers to start looking at identifying and exploiting vulnerabilities in NoSQL, PHP and the underlying OS (Debian). -
22
Malware Classifier
Perform quick, easy classification of binaries for malware analysis.
Adobe Malware Classifier is a command-line tool that lets antivirus analysts, IT administrators, and security researchers quickly and easily determine if a binary file contains malware, so they can develop malware detection signatures faster, reducing the time in which users' systems are vulnerable. Malware Classifier uses machine learning algorithms to classify Win32 binaries – EXEs and DLLs – into three classes: 0 for “clean,” 1 for “malicious,” or “UNKNOWN.” The tool was developed... -
23
This Java based API lets you introduce capcha to you J2EE 1.3 + compliant Web Applications and supportive to frameworks like Struts, JSF so that you do not have to worry about having to write your own code for capcha.
- Previous
- You're on page 1
- Next
