WARNING : This application contains multiple vulnerabilities. DO NOT USE for your production site. This github project contains code used for the PHP security training course.
- SQL Injections
- Authentication vulnerabilities
- Bruteforce Attack
- Session Hijacking
- Cross Site Request Forgeries (CSRF)
- Cross Site Scripting (XSS)
- Code Injection
- Local / Remote File Inclusion (LFI/RFI)
- Null Byte Injection
- Input Validation Attacks
- Bypass File Uploads Restrictions
- Full Path Disclosure
- Information Leakage
- Backdoor URLs
- Cookie Theft
- Exposed Session Data
- Session Fixation
- Exposed Data