Giters

bmdyy / testr

TESTR - Vulnerable Python Web-App to practice XSS and Command Injection

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

awaeoswe

Testr

Metadata

  • Author: William Moody
  • Started: 22.03.2021

Description

Testr is an invite-only web-based IDE for Python, created with the purpose of practicing web-app vulnerabilities. Specifically XSS and Code injecetion / Filter bypassing.

There is a cronjob which emualates admin actions every minute in the docker container.

Set Up

  1. Clone the repo locally git clone https://github.com/bmdyy/testr
  2. Enter the folder cd testr
  3. Build the docker container: docker build -t testr .
  4. Run the container: docker run -t testr

Solutions

Solutions and explanations may be found in ./exploit

About

TESTR - Vulnerable Python Web-App to practice XSS and Command Injection

awaeoswe

Languages

Language:HTML 46.1%Language:Python 35.9%Language:CSS 14.0%Language:JavaScript 3.0%Language:Dockerfile 0.8%Language:Shell 0.1%