CVWA

CVWA copied to clipboard

Conviso Vulnerable Web Application

Description

This application was purposely coded insecurely, having a large number of vulnerabilities and bad practices. The idea is to simulate an initial blog structure, made by a novice programmer who made serious mistakes, leaving it vulnerable to numerous attacks.

We use this application for educational purposes only, making demonstrations on how to manually and automatically detect these vulnerabilities and also how to fix them.

How to deploy on local machines

$ git clone https://github.com/convisolabs/CVWA
$ cd CVWA
$ docker build -t cvwa .
$ docker container run -ti -p 8080:80 cvwa

Contribution

• Your contributions and suggestions are heartily ♥ welcome. See here the contribution guidelines. Please, report bugs via issues page.

License

• This work is licensed under MIT License.