intentionally vuln web Application Security in django. our roadmap build intentionally vuln web Application in django. The Vulnerability can based on OWASP top ten
• A1:2017-Injection
• A2:2017-Broken Authentication
• A3:2017-Sensitive Data Exposure
• A4:2017-XML External Entities (XXE)
• A5:2017-Broken Access Control
• A6:2017-Security Misconfiguration
• A7:2017-Cross-Site Scripting (XSS)
• A8:2017-Insecure Deserialization
• A9:2017-Using Components with Known Vulnerabilities
• A10:2017-Insufficient Logging & Monitoring

• pygoat
  • Installation
    • From Sources
    • Docker Container
    • Installation Video
  • Uninstallation
  • Solutions
  • For Developers

To setup the project on your local machine:

First, Clone the repository using GitHub website or git in Terminal

  git clone https://github.com/adeyosemanputra/pygoat.git
  ### To Download a specific branch
  git clone -b <branch_name> https://github.com/adeyosemanputra/pygoat.git

1. Install all app and python requirements using installer file - bash installer.sh
2. Change directory to the the Django Project directory cd pygoat
   
3. Apply the migrations python3 manage.py migrate.
   
4. Finally, run the development server python3 manage.py runserver.
   
5. The project will be available at http://127.0.0.1:8000

1. Install python3 requirements pip install -r requirements.txt.
   
2. Change directory to the the Django Project directory cd pygoat
   
3. Apply the migrations python3 manage.py migrate.
   
4. Finally, run the development server python3 manage.py runserver.
   
5. The project will be available at http://127.0.0.1:8000

1. Install all app and python requirements using setup.py file - pip3 install .
2. Change directory to the the Django Project directory cd pygoat
   
3. Apply the migrations python3 manage.py migrate.
   
4. Finally, run the development server python3 manage.py runserver.
   
5. The project will be available at http://127.0.0.1:8000

1. Install Docker
2. Run docker pull pygoat/pygoat or docker pull pygoat/pygoat:latest
3. Run docker run --rm -p 8000:8000 pygoat/pygoat:latest
4. Browse to http://127.0.0.1:8000
5. Remove existing image using docker image rm pygoat/pygoat and pull again incase of any error

1. Install Docker
2. Run docker-compose up or docker-compose up -d

1. Clone the repository   git clone https://github.com/adeyosemanputra/pygoat.git
2. Change the directory where Dockerfile exists   cd pygoat
3. Build the docker image from Dockerfile using   docker build -f Dockerfile -t pygoat .
4. Run the docker image  docker run --rm -p 8000:8000 pygoat:latest
5. Browse to http://127.0.0.1:8000 or http://0.0.0.0:8000

1. From Source using installer.sh

• Installing PyGoat from Source

2. Without using installer.sh

• On Debian/Ubuntu based systems, you can use the uninstaller.sh script to uninstall pygoat along with all it's dependencies.
• To uninstall pygoat, simply run:

$ bash ./uninstaller.sh

• On other systems, you can use the uninstaller.py script to uninstall pygoat along with all it's dependencies
• To uninstall pygoat, simply run:

$ python3 uninstaller.py

Solutions to all challenges

http://pygoat-web.herokuapp.com
http://pygoat.herokuapp.com
http://pygoat-dep.herokuapp.com
credentials:
username : user
password : user12345
or you could login with 0auth (google)

Thanks goes to these wonderful people (emoji key):

pwned-17 💻

Aman Singh 💻

adeyosemanputra 💻 📖

gaurav618618 💻 📖

MajAK 💻

JustinPerkins 💻

Liu Peng 💻

This project follows the all-contributors specification. Contributions of any kind welcome!