Sam Bowne

Vulnerable Pages

Some of these pages contain vulnerable code, and this system may well be hacked now and then.

So don't put any personal information on these pages.


SQL Injection Tutorial: Hands-On
SQL Injection Tutorial 2
SQL Injection in Rails

Simple search page for Havij demo
Less vulnerable search page for Havij demo

Brute Force Challenges
Client-side Controls Demonstrations
Token Insecurities
PHP Insecurities
Blind Vulnerabilities
Logic Flaws
Insecure Authentication Demonstrations
XSS Demonstrations (New)

Cookie Login Page
Obfuscation Challenges
Password Guessing Games

Vulnerable Message Board (old)
SQL Injection demo (old)

Heartbleed Test

CNIT 124 Projects: Server Status

The number of listening processes on is in the box below. This should be 43 as of 6-24-16.

This server is hosted at

Last modified: 2-20-18