Skip to content
Vulnerable web application
Branch: master
Clone or download
CSPF-Founder Update login.php
fixed login url
Latest commit 50c6369 Dec 1, 2016
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
admin update Nov 21, 2014
images First commit Nov 18, 2014
lib First commit Nov 18, 2014
tmp New vulnerabilities Dec 19, 2015
vulnerability New vulnerabilities Dec 19, 2015
Installation-procedure.txt First commit Nov 18, 2014
LICENSE First commit Nov 18, 2014
README.md update Nov 21, 2014
config.php First commit Nov 18, 2014
contact.php update Nov 21, 2014
footer.php First commit Nov 18, 2014
header.php New vulnerabilities Dec 19, 2015
index.php First commit Nov 18, 2014
login.php Update login.php Dec 1, 2016
logout.php First commit Nov 18, 2014
myprofile.php First commit Nov 18, 2014
mysqlconnection.php First commit Nov 18, 2014
register.php First commit Nov 18, 2014
regprocess.php First commit Nov 18, 2014
robots.txt update Nov 19, 2014
setup.php update Nov 21, 2014
style.css First commit Nov 18, 2014

README.md

BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web application vulnerabilities.

Currently, the app contains the following types of vulnerabilities:

  • SQL Injection
  • XSS(includes Flash Based xss)
  • CSRF
  • Clickjacking
  • SSRF
  • File Inclusion
  • Code Execution
  • Insecure Direct Object Reference
  • Unrestricted File Upload vulnerability
  • Open URL Redirection
  • Server Side Includes(SSI) Injection and more...
You can’t perform that action at this time.