Releases: 516hackers/516-hackers-vuln-playground
Release list
Initial Release: Security Training Platform
🚀 516 Hackers Vulnerability Playground v1.0.0
Overview
First official release of our modular, intentionally vulnerable web application designed for security training and education. This release provides a complete, containerized environment for learning web application security.
✨ Features
🔓 Vulnerability Modules
- SQL Injection (SQLi) - Practice database exploitation techniques
- Cross-Site Scripting (XSS) - Learn client-side script injection
- Authentication Bypass - Understand weak auth mechanisms
- File Upload Vulnerabilities - Explore insecure file handling
🛠️ Technical Stack
- Backend: Node.js/Express.js
- Frontend: Vanilla HTML/CSS/JavaScript
- Database: MySQL 8.0
- Containerization: Docker & Docker Compose
- Security: Both vulnerable and secure implementations
🎯 What's Included
Core Application
- Complete web application with four vulnerability modules
- Interactive web interface for hands-on learning
- Sample data and user accounts
- Both vulnerable and secure code examples
Documentation
- Comprehensive README with setup instructions
- Step-by-step learning guides
- Vulnerability explanations and payload examples
- Security best practices
Automation
- Docker Compose setup for easy deployment
- Database initialization scripts
- Test scripts for vulnerability verification
- Pre-configured development environment
🚨 Important Security Notice
This application contains intentional vulnerabilities and should:
- ✅ Only be used in isolated, local environments
- ✅ Only be used for legitimate security training
- 🚫 NEVER be deployed in production
- 🚫 NEVER be exposed to the internet
- 🚫 NEVER contain real or sensitive data
📥 Installation
Quick Start
git clone https://github.com/516hackers/516-hackers-vuln-playground.git
cd 516-hackers-vuln-playground
docker-compose up --buildAccess at: http://localhost:3000
Default Credentials
- Admin:
admin/admin123 - User:
alice/password123 - User:
bob/bobpass
🐛 Known Issues
- None in this initial release
- Report any issues on GitHub
🔮 Future Roadmap
- Additional vulnerability modules (CSRF, SSRF, XXE)
- Difficulty levels for each module
- Progress tracking and scoring
- More advanced exploitation techniques
🤝 Contributing
We welcome contributions! Please see the README for guidelines on adding new vulnerabilities or improving existing ones.
Remember: Use this knowledge responsibly and ethically. Happy learning! 🛡️
The 516 Hackers Team
## Release Configuration
### Tag Version:
**v1.0.0** (create new tag)
### Release Title:
**v1.0.0 - Initial Release: Security Training Platform**
### Pre-release Setting:
✅ **Set as a pre-release** (since this is the first release and for security training software)
### Attached Binaries (Optional):
You could attach:
- `516-hackers-vuln-playground-v1.0.0.zip` (source code archive)
- `setup-guide.pdf` (if you create one)
- `cheat-sheet.pdf` (vulnerability payload reference)
## Step-by-Step Release Process
### 1. Prepare the Release
```bash
# Ensure everything is committed
git add .
git commit -m "Prepare v1.0.0 release"
git push origin main
# Create and push tag
git tag v1.0.0
git push origin v1.0.0
2. Create Release on GitHub
- Go to your repository on GitHub
- Click on "Releases" in the right sidebar
- Click "Create a new release"
- Fill in the form with the information above:
- Tag:
v1.0.0(create new) - Release title:
v1.0.0 - Initial Release: Security Training Platform - Description: Paste the markdown content above
- ✅ Set as a pre-release
- Attach binaries: Drag and drop any additional files
- Tag:
3. Publish the Release
Click "Publish release" to make it live.
Additional Files You Could Include
1. Quick Start Guide (quick-start.md)
# 🚀 Quick Start Guide
## 5-Minute Setup
1. **Prerequisites**: Install Docker and Git
2. **Clone**: `git clone https://github.com/516hackers/516-hackers-vuln-playground.git`
3. **Run**: `cd 516-hackers-vuln-playground && docker-compose up --build`
4. **Access**: Open `http://localhost:3000`
5. **Learn**: Start with SQL Injection module!
## Default Users
- Admin: `admin` / `admin123`
- Alice: `alice` / `password123`
- Bob: `bob` / `bobpass`
## First Exercises
1. Try SQL Injection: `admin' OR '1'='1`
2. Test XSS: `<script>alert('XSS')</script>`
3. Bypass auth: Use SQLi in login forms2. Vulnerability Cheat Sheet (cheat-sheet.md)
# 🎯 Vulnerability Payload Cheat Sheet
## SQL Injection
```sql
-- Basic Auth Bypass
admin' OR '1'='1
-- Union Attack
' UNION SELECT 1,2,3,4,5-- -
-- Database Info
' UNION SELECT version(),user(),database(),4,5-- -XSS Payloads
<script>alert('XSS')</script>
<img src=x onerror=alert(1)>
<svg onload=alert(1)>Auth Bypass
admin' OR '1'='1'-- -
' OR 1=1-- -
admin'-- -
## Release Announcement Template
If you want to announce the release:
```markdown
🎉 **Announcing 516 Hackers Vulnerability Playground v1.0.0!**
We're excited to release our modular, intentionally vulnerable web application for security training!
🔓 **What's inside**:
- 4 vulnerability modules (SQLi, XSS, Auth Bypass, File Upload)
- Dockerized setup for easy deployment
- Both vulnerable & secure code examples
- Comprehensive documentation
🚀 **Get started in 5 minutes**:
```bash
git clone https://github.com/516hackers/516-hackers-vuln-playground.git
cd 516-hackers-vuln-playground
docker-compose up --build
📚 Perfect for:
- Security students
- Developer security training
- CTF practice
- Ethical hacking education
Check out the release: [Link to release]
#cybersecurity #websecurity #infosec #ethicalhacking #securitytraining