The most common question from students who is learning website hacking techniques is “how to test my skills legally without getting into troubles?”. So, i always suggest them to use some vulnerable web application such as DVWA.
However, i felt dvwa is not suitable for new and advanced techniques. Mutillidae is one of the best web application vulnerable app to date. However, I missed some techniques/features in Mutillidae. so i thought it is better develop our own app to teach the web application pentesting for my readers and students.
BTS PenTesting Lab is a vulnerable web application that allows you to learn from basic to advanced vulnerability techniques.
Currently, the app contains following vulnerability types:
SQL Injection
Cross Site scripting(XSS)
Cross Site request Forgery(CSRF)
Clickjacking
Server Side Request Forgery(SSRF))
File Inclusion(RFI and LFI)
Command Execution
You can download our app from here:
BTS Pentesting Lab
Download BTS Pentesting Lab for free. BTS Pentesting Lab - a deliberately vulnerable Web application . BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web...
sourceforge.net
GitHub - CSPF-Founder/btslab: Vulnerable web application
Vulnerable web application. Contribute to CSPF-Founder/btslab development by creating an account on GitHub.
github.com
How to run BTS PenTesting Lab?
1. Install XAMPP or WAMPP in your machine
2. Extract the bts_lab zip file into the htdocs folder.
3. Open the “http://localhost/bts_lab/setup.php” url in your browser.
4. Click the Setup.
That’s all Now you can start to use the app at “http://localhost/bts_lab”
