Dépôt des challenges que j'ai réalisés pour l'évènement CTF Hacky'Nov à Aix-en-Provence 2022.

A vulnerable lab for understanding difference between LFI and File Retrieval

The main goal of VWA is to provide a hands-on experience for security rookies on vulnerable web applications available for practicing and learning, so that they can attack realistic web environments… without going to jail :)

A side note about LFI and Leaking the php source of some sites

Repositori ini berisi file-file vulnerable terhadap bug tertentu yang saya jadikan demo pada artikel yang saya tulis di abaykan.com

This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).

small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns