Skip to content
Go to file


Failed to load latest commit information.
Latest commit message
Commit time
Aug 12, 2020
Aug 12, 2020
Jul 21, 2020
Jul 16, 2019
Feb 21, 2019
Dec 17, 2019
Feb 3, 2020
Nov 21, 2019
Aug 12, 2020
Dec 14, 2019
Jun 30, 2020
May 9, 2020
Aug 12, 2020
Mar 18, 2019
Jul 11, 2019
Jun 7, 2020
May 23, 2017
Apr 26, 2018
Sep 2, 2018
Jul 2, 2020

Vulhub - Pre-Built Vulnerable Environments Based on Docker-Compose

GitHub Official Community Chat on Discord Backers and sponors on Patreon Backers and sponors on Opencollective

中文版本(Chinese version)

Vulhub is an open-source collection of pre-built vulnerable docker environments. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment.


Install the docker/docker-compose on Ubuntu 16.04:

# Install pip
curl -s | python3

# Install the latest version docker
curl -s | sh

# Run docker service
service docker start

# Install docker compose
pip install docker-compose

The installation steps of docker and docker-compose for other operating systems might be slightly different, please refer to the docker documentation for details.


# Download project
wget -O
cd vulhub-master

# Enter the directory of vulnerability/environment
cd flask/ssti

# Compile environment
docker-compose build

# Run environment
docker-compose up -d

There is a README document in each environment directory, please read this file for vulnerability/environment testing and usage.

After the test, delete the environment with the following command.

docker-compose down -v

It is recommended to use a VPS of at least 1GB memory to build a vulnerability environment. The your-ip mentioned in the documentation refers to the IP address of your VPS. If you are using a virtual machine, it refers to your virtual machine IP, not the IP inside the docker container.

All environments in this project are for testing purposes only and should not be used as a production environment!


  1. To prevent permission errors, it is best to use the root user to execute the docker and docker-compose commands.
  2. Some docker images do not support running on ARM machines.


This project relies on docker. So any error during compilation and running are thrown by docker and related programs. Please find the cause of the error by yourself first. If it is determined that the dockerfile is written incorrectly (or the code is wrong in vulhub), then submit the issue. More details please 👉Common reasons for compilation failure, hope it can help you.

For more question, please contact:

Thanks for the following contributors:

More contributors:Contributors List

Backer and Sponsor


Sponsor vulhub on patreon 🙏

Sponsor vulhub on opencollective 🙏

More Donate.


Vulhub is licensed under the MIT License. See LICENSE for the full license text.

You can’t perform that action at this time.