A flask messaging app that is vulnerable to XSS/CSRF
static
templates
.gitignore
README.md
app.py
startup.sh

STICKERZ

A simple messaging app that is purposely vulnerable. It should NOT be used in a production environment. Stickerz is used as a playground for the "penetration testing course" at the University of Applied Sciences Ulm.

Installation

Stickerz is based on Python 3/Flask; you can use a virtual environment to run it:

# Install Python3/pip in a virtual environment "venv", this keeps your installation clean
virtualenv -p python3 venv

# Start the virtual environment
source venv/bin/activate

# Install Flask
pip install flask

# run the application
python app.py

You can then access the application at TCP port 5000.

Other stuff

Stickers image by Frederik Danko, taken from Unsplash.