small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
-
Updated
Apr 8, 2024 - PHP
#
command-injection
Here are 11 public repositories matching this topic...
This repository is a Dockerized php application containing a LFI (Local File Inclusion) vulnerability which can lead to RCE (Remote Code Execution).
owasp rce application-security lfi owasp-top-10 command-injection lfi-labs lfi-exploitation local-file-inclusion lfi-vulnerability os-command-injection remote-command-execution lfi-detection lfi-rce lfi-exploit lfi-to-rce lfi-to-shell lfi-scenario lfi-challenge
-
Updated
Jun 16, 2022 - PHP
Repositori ini berisi file-file vulnerable terhadap bug tertentu yang saya jadikan demo pada artikel yang saya tulis di abaykan.com
hack bug lab hacking xss labs bug-bounty bugs bugbounty writeup lfi command-injection local-file-inclusion
-
Updated
Oct 25, 2020 - PHP
DVWA (Damn Vulnerable Web Application) DVWA is a web application that is intentionally made vulnerable for educational and security testing purposes. It lets users practice and understand different types of web security attacks.
file-upload file hacking xss brute-force dvwa crsf command-injection sql-injection-attacks web-vulnerability
-
Updated
Jul 9, 2024 - PHP
The command injection sandbox is a tool for testing command injection vulnerabilities in web apps, in a safe environment.
-
Updated
Jun 10, 2023 - PHP
WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2022-46169). Run it at your own risk!
-
Updated
Apr 3, 2023 - PHP
Z-Vulnerable-Website-Project (ZVP for short) is a project where I try to create a custom vulnerable website for learning and demonstrating common web security flaws.
docker cybersecurity penetration-testing xss-vulnerability vulnerable-web-app web-security-research command-injection file-inclusion
-
Updated
Oct 5, 2024 - PHP
SecureShield — это мощная PHP-библиотека, которая защищает ваш проект от большинства известных атак: SQL-инъекции, XSS, CSRF, Command Injection, PHP Injection, и даже больше! Она готова к работе "из коробки", проста в использовании и может быть интегрирована в любой проект.
api php security opensource encryption authentication php-library firewall rate-limiting xss cybersecurity penetration-testing sql-injection csrf web-security vulnerabilities vulnerability-assessment secure-coding data-security command-injection
-
Updated
Nov 20, 2024 - PHP
A curated repository of categorized payloads for testing and exploiting common web vulnerabilities in ethical hacking and penetration testing.
sql xss bugbounty payloads xxe command-injection xss-payloads sqli-payloads vulnerability-testing payload-lists
-
Updated
May 14, 2025 - PHP
WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2023-39362). Run it at your own risk!
-
Updated
Oct 30, 2024 - PHP
The 30th PoC Hacking Camp - Web Hacking CTF wargame
-
Updated
Jan 15, 2025 - PHP
Improve this page
Add a description, image, and links to the command-injection topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the command-injection topic, visit your repo's landing page and select "manage topics."