
A Python Flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks.


JasonHinds13/hackable


hackable

A Python Flask app that is purposefully vulnerable to SQL injection and XSS attacks

How to run

Just cd into the hackable folder and type python main.py into the terminal.

Notes

  • test.sql is just there to help visualize what is happening with the SQL queries during the demo
  • Commands For Sqlite Hack.txt is there to show the SQL statements used during the demo and explain them
  • The search page is vulnerable to SQL injection
  • The add items page is vulnerable to XSS
  • The login page is also vulnerable to SQL injection, making it easy to bypass login
