PyGoat

intentionally vuln web Application Security in django. our roadmap build intentionally vuln web Application in django. The Vulnerability can based on OWASP top ten
• A1:2017-Injection
• A2:2017-Broken Authentication
• A3:2017-Sensitive Data Exposure
• A4:2017-XML External Entities (XXE)
• A5:2017-Broken Access Control
• A6:2017-Security Misconfiguration
• A7:2017-Cross-Site Scripting (XSS)
• A8:2017-Insecure Deserialization
• A9:2017-Using Components with Known Vulnerabilities
• A10:2017-Insufficient Logging & Monitoring

Table of Contents

• pygoat
  • Installation
    • From Sources
    • Docker Container
    • Installation Video
  • Solutions

Installation

From Sources

To setup the project on your local machine:
1. Click on Fork.
2. Go to your fork and clone the project to your local machine.
3. Install the requirements pip install -r requirements.txt.
4. Apply the migrations python3 manage.py migrate.
5. Finally, run the development server python3 manage.py runserver.

The project will be available at 127.0.0.1:8000.

Docker Container

1. Install Docker
2. Run docker pull pygoat/pygoat
3. Run docker run --rm -p 8000:8000 pygoat/pygoat or docker run pygoat/pygoat
4. Browse to http://127.0.0.1:8000

Installation Video

Solutions

Challenge solutions •

Live Demo

http://pygoat-web.herokuapp.com
http://pygoat.herokuapp.com
http://pygoat-dep.herokuapp.com
credential:
username : user
password : user12345
or you could login with 0auth (google)

Contributors ✨

Thanks goes to these wonderful people (emoji key):

pwned-17 💻

Aman Singh 💻

adeyosemanputra 💻 📖

gaurav618618 💻 📖

MajAK 💻

This project follows the all-contributors specification. Contributions of any kind welcome!