💀 Vulnerable Web Hacking Lab 💀

Welcome to the training ground. There are 5 intentional vulnerabilities here.

1. Reflected XSS

Search for something. The strict sanitization might be missing...

2. Stored XSS

View and Post Comments. Be careful what you read.

3. Command Injection

Ping a server to check connectivity.

4. Local File Inclusion (LFI)

View page content directly from disk.

5. Broken Access Control

Admin Dashboard. (Only for 'admin' role).
Hint: check your cookies.