-
-
Notifications
You must be signed in to change notification settings - Fork 814
Command Injection Testbeds
Anastasios Stasinopoulos edited this page Jul 25, 2024
·
18 revisions
A collection of applications and virtual machines vulnerable to command injection attacks.
- Damn Vulnerable Web App (DVWA)
- Damn Vulnerable Web Services (DVWS)
- Damn Small Vulnerable Web (DSVW)
- Damn Vulnerable GraphQL Application (DVGA)
- Damn Vulnerable Web Sockets (DVWS)
- Xtreme Vulnerable Web Application (XVWA)
- OWASP: Mutillidae
- OWASP: VulnerableApp
- bWAPP: bee-box (v1.6)
- Persistence
- Pentester Lab: Web For Pentester
- Pentester Lab: CVE-2014-6271/Shellshock
- Pentester Lab: Rack Cookies and Commands injection
- Pentester Academy: Command Injection ISO: 1
- SpiderLabs: MCIR (ShelLOL)
- Kioptrix: Level 1.1 (#2)
- Kioptrix: 2014 (#5)
- Acid Server: 1
- Flick: 2
- w3af-moth
- commix-testbed
- command-line-security-300 (school-ctf-winter-2015)
- lfi-labs
- SickOs (1.1)
- Testsparker
- GracefulSecurity Vulnerable VM
- SecuriCTF Vulnerable VM
- Bulldog Vulnerable VM
- Extreme Vulnerable Node Application (XVNA)
At the right side panel, you can find detailed information about Commix Project.