Sam Bowne

Vulnerable Pages

Some of these pages contain vulnerable code, and this system may well be hacked now and then.

So don't put any personal information on these pages.

Contents

SQL Injection Tutorial: Hands-On
SQL Injection Tutorial 2
SQL Injection in Rails

Simple search page for Havij demo
Less vulnerable search page for Havij demo

Brute Force Challenges
Client-side Controls Demonstrations
Token Insecurities
PHP Insecurities
Blind Vulnerabilities
Logic Flaws
Insecure Authentication Demonstrations
XSS Demonstrations
Header Injection

CSRF Demo (New 4-25-18)
Clickjacking Demo (New 4-25-18)
Keylogger (New 5-2-18)

Cookie Login Page
Obfuscation Challenges
Password Guessing Games

Vulnerable Message Board (old)
SQL Injection demo (old)

Heartbleed Test


Last modified: 5-2-18