Skip to content

yunaranyancat/dvpa

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
tmp
tmp
 
 
uploads
uploads
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
run.py
run.py
 
 

Repository files navigation

Damn Vulnerable Python-API

Damn Vulnerable Python API is a python based web services (API) which is intentionally designed to be vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help developers better understand the processes of securing Python based web services and to aid both students & teachers to learn about Python based web services security in a controlled class room environment.

Version Control

14th August 2022 - v0.1

2nd September 2022 - v0.2

Vulnerabilities

  • Unauthenticated access to API endpoint
  • Use of Basic Authentication
  • Use of weak credentials
  • RCE via subprocess
  • Insecure file upload

Installation and setup

git clone https://github.com/yunaranyancat/dvpa
cd dvpa
pip3 install -r requirements.txt
python3 run.py

About

Damn Vulnerable Python API

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages