Skip to content

Releases: 516hackers/516-hackers-vuln-playground

Initial Release: Security Training Platform

Choose a tag to compare

@516hackers 516hackers released this 02 Oct 10:17
23d1aa5

🚀 516 Hackers Vulnerability Playground v1.0.0

Overview

First official release of our modular, intentionally vulnerable web application designed for security training and education. This release provides a complete, containerized environment for learning web application security.

✨ Features

🔓 Vulnerability Modules

  • SQL Injection (SQLi) - Practice database exploitation techniques
  • Cross-Site Scripting (XSS) - Learn client-side script injection
  • Authentication Bypass - Understand weak auth mechanisms
  • File Upload Vulnerabilities - Explore insecure file handling

🛠️ Technical Stack

  • Backend: Node.js/Express.js
  • Frontend: Vanilla HTML/CSS/JavaScript
  • Database: MySQL 8.0
  • Containerization: Docker & Docker Compose
  • Security: Both vulnerable and secure implementations

🎯 What's Included

Core Application

  • Complete web application with four vulnerability modules
  • Interactive web interface for hands-on learning
  • Sample data and user accounts
  • Both vulnerable and secure code examples

Documentation

  • Comprehensive README with setup instructions
  • Step-by-step learning guides
  • Vulnerability explanations and payload examples
  • Security best practices

Automation

  • Docker Compose setup for easy deployment
  • Database initialization scripts
  • Test scripts for vulnerability verification
  • Pre-configured development environment

🚨 Important Security Notice

⚠️ FOR EDUCATIONAL USE ONLY

This application contains intentional vulnerabilities and should:

  • ✅ Only be used in isolated, local environments
  • ✅ Only be used for legitimate security training
  • 🚫 NEVER be deployed in production
  • 🚫 NEVER be exposed to the internet
  • 🚫 NEVER contain real or sensitive data

📥 Installation

Quick Start

git clone https://github.com/516hackers/516-hackers-vuln-playground.git
cd 516-hackers-vuln-playground
docker-compose up --build

Access at: http://localhost:3000

Default Credentials

  • Admin: admin / admin123
  • User: alice / password123
  • User: bob / bobpass

🐛 Known Issues

  • None in this initial release
  • Report any issues on GitHub

🔮 Future Roadmap

  • Additional vulnerability modules (CSRF, SSRF, XXE)
  • Difficulty levels for each module
  • Progress tracking and scoring
  • More advanced exploitation techniques

🤝 Contributing

We welcome contributions! Please see the README for guidelines on adding new vulnerabilities or improving existing ones.


Remember: Use this knowledge responsibly and ethically. Happy learning! 🛡️

The 516 Hackers Team


## Release Configuration

### Tag Version:
**v1.0.0** (create new tag)

### Release Title:
**v1.0.0 - Initial Release: Security Training Platform**

### Pre-release Setting:
✅ **Set as a pre-release** (since this is the first release and for security training software)

### Attached Binaries (Optional):
You could attach:
- `516-hackers-vuln-playground-v1.0.0.zip` (source code archive)
- `setup-guide.pdf` (if you create one)
- `cheat-sheet.pdf` (vulnerability payload reference)

## Step-by-Step Release Process

### 1. Prepare the Release
```bash
# Ensure everything is committed
git add .
git commit -m "Prepare v1.0.0 release"
git push origin main

# Create and push tag
git tag v1.0.0
git push origin v1.0.0

2. Create Release on GitHub

  1. Go to your repository on GitHub
  2. Click on "Releases" in the right sidebar
  3. Click "Create a new release"
  4. Fill in the form with the information above:
    • Tag: v1.0.0 (create new)
    • Release title: v1.0.0 - Initial Release: Security Training Platform
    • Description: Paste the markdown content above
    • Set as a pre-release
    • Attach binaries: Drag and drop any additional files

3. Publish the Release

Click "Publish release" to make it live.

Additional Files You Could Include

1. Quick Start Guide (quick-start.md)

# 🚀 Quick Start Guide

## 5-Minute Setup

1. **Prerequisites**: Install Docker and Git
2. **Clone**: `git clone https://github.com/516hackers/516-hackers-vuln-playground.git`
3. **Run**: `cd 516-hackers-vuln-playground && docker-compose up --build`
4. **Access**: Open `http://localhost:3000`
5. **Learn**: Start with SQL Injection module!

## Default Users
- Admin: `admin` / `admin123`
- Alice: `alice` / `password123` 
- Bob: `bob` / `bobpass`

## First Exercises
1. Try SQL Injection: `admin' OR '1'='1`
2. Test XSS: `<script>alert('XSS')</script>`
3. Bypass auth: Use SQLi in login forms

2. Vulnerability Cheat Sheet (cheat-sheet.md)

# 🎯 Vulnerability Payload Cheat Sheet

## SQL Injection
```sql
-- Basic Auth Bypass
admin' OR '1'='1

-- Union Attack  
' UNION SELECT 1,2,3,4,5-- -

-- Database Info
' UNION SELECT version(),user(),database(),4,5-- -

XSS Payloads

<script>alert('XSS')</script>
<img src=x onerror=alert(1)>
<svg onload=alert(1)>

Auth Bypass

admin' OR '1'='1'-- -
' OR 1=1-- -
admin'-- -

## Release Announcement Template

If you want to announce the release:

```markdown
🎉 **Announcing 516 Hackers Vulnerability Playground v1.0.0!**

We're excited to release our modular, intentionally vulnerable web application for security training!

🔓 **What's inside**:
- 4 vulnerability modules (SQLi, XSS, Auth Bypass, File Upload)
- Dockerized setup for easy deployment  
- Both vulnerable & secure code examples
- Comprehensive documentation

🚀 **Get started in 5 minutes**:
```bash
git clone https://github.com/516hackers/516-hackers-vuln-playground.git
cd 516-hackers-vuln-playground
docker-compose up --build

📚 Perfect for:

  • Security students
  • Developer security training
  • CTF practice
  • Ethical hacking education

⚠️ Remember: For educational use only in isolated environments!

Check out the release: [Link to release]

#cybersecurity #websecurity #infosec #ethicalhacking #securitytraining