Skip to content

Deploy your own lab of web application penetration testing with docker and docker-compose, webgoat, dvwap, bwapp and Juice Shop

License

Notifications You must be signed in to change notification settings

MoisesTapia/TWAPT

Repository files navigation

Trainig| Web Application Penetration Testing

docker Maintainer Build Status Build Status

Requirements

  • Docker
  • docker-compose

Webs

  • Webgoat : localhost:8080/WebGoat
  • Mutillidae : localhost:8088/mutillidae
  • DVWAP : localhost:8081
  • bwapp : localhost:8082/install.php
  • Juice-Shop : localhost:8083
  • NinjaWeb : localhost:8899
  • VulnWordpress : localhost:8086

Monitoring

You can monitoring your services or containers with cAdvisor this is a new integration. just you follow the next steps: 1 Open your Browser. 2 In the search bar write localhost:8085. 3 Done you can see the information about your containers.

locañhost:8085

Usage mode.

git clone https://github.com/MoisesTapia/TWAPT
cd TWAPT
docker-compose up -d

output

➜  TWAPT git:(deploy) ✗ docker-compose up -d      
Creating network "twapt_pentesting" with driver "bridge"
Creating juiceshop ... done
Creating webgoat   ... done
Creating dvwap     ... done
Creating bwapp     ... done
Creating bricks    ... done
Creating owasp17   ... done
Creating ninjaweb  ... done
➜  TWAPT git:(deploy) ✗ 

'docker-compose ps'

➜  TWAPT git:(deploy) ✗ docker-compose ps
  Name                 Command               State                          Ports                        
---------------------------------------------------------------------------------------------------------
bricks      /run.sh                          Up      3306/tcp, 0.0.0.0:8084->80/tcp                      
bwapp       /run.sh                          Up      3306/tcp, 0.0.0.0:8082->80/tcp                      
dvwap       /main.sh                         Up      0.0.0.0:8081->80/tcp                                
juiceshop   docker-entrypoint.sh npm start   Up      0.0.0.0:8083->3000/tcp                              
ninjaweb    /bin/sh -c /usr/sbin/apach ...   Up      0.0.0.0:8899->80/tcp                                
owasp17     /usr/bin/supervisord             Up      3306/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:8088->80/tcp
webgoat     java -Djava.security.egd=f ...   Up      0.0.0.0:8080->8080/tcp                              
➜  TWAPT git:(deploy) ✗ 

Stoping the services

'docker-compose stop or docker-compose down'

Contributors

Design: @onahump / https://github.com/onahump