PwnedHub is a vulnerable application designed exclusively for PractiSec training courses. PwnedHub contains intentional vulnerability and should never be exposed to the open Internet. This software is NOT Open Source in a traditional sense. See the LICENSE.txt file for more information.
Requirements
- Docker
Installation and Usage
-
Install Docker Desktop.
-
Clone the PwnedHub repository.
$ git clone https://github.com/lanmaster53/pwnedhub.git -
Change into the PwnedHub directory.
$ cd pwnedhub -
Build the PwnedHub Docker images.
docker compose build -
Launch the PwnedHub architecture using Docker Compose.
docker compose up- To launch as a daemon (no terminal logging), add the
-dswitch.
- To launch as a daemon (no terminal logging), add the
-
Modify the hosts file to create the following records:
127.0.0.1 www.pwnedhub.com 127.0.0.1 sso.pwnedhub.com 127.0.0.1 test.pwnedhub.com 127.0.0.1 api.pwnedhub.com 127.0.0.1 config.pwnedhub.com -
Visit the various applications and API interfaces:
- http://www.pwnedhub.com
- http://test.pwnedhub.com
- http://api.pwnedhub.com/swaggerui/index.html
- Postman collection files for the REST API are available in the Github repository under the "resources" folder.
-
When done using PwnedHub, clean up the Docker environment with the following command:
docker compose down