piWASTE - Purposely Insecure Web Application for Security Training and Education
Educational purposely insecure website for demonstrating web vulnerabilities. Originally developed as a student project in UniOulu 521479S Software Project course in 2020.
Run the server
Make sure you have FLASK_APP
defined:
Linux:
export FLASK_APP=app
Windows:
set FLASK_APP=app
Enable debugging mode
Linux:
export FLASK_ENV=development
Windows:
set FLASK_ENV=development
Before running you need to initialize the database
flask init-db
And then run the server
flask run
Run the docker container
You can use docker-compose to run the server in a container which mounts the current working directory. So it's possible to edit the code while the container is running.
docker-compose up
To tear it down, you can just run:
docker-compose down
If you want to try building a clean container, you can build the image and run it:
docker build . -t piwaste
docker run -it --network=host piwaste # network=host is needed to be able to access it from the outside
Requirements
pip install -r requirements.txt
Running local tests
python -m pytest