BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web application vulnerabilities.

Currently, the app contains the following types of vulnerabilities:
*SQL Injection
*XSS(includes Flash Based xss)
*CSRF
*Clickjacking
*SSRF
*File Inclusion
* Code Execution
*Insecure Direct Object Reference
*Unrestricted File Upload vulnerability
*Open URL Redirection
*Server Side Includes(SSI) Injection
and more...

Java version of this application can be found here:
https://sourceforge.net/p/javavulnerablelab/

Features

  • Has plenty of latest web application vulnerabilities
  • Easy to Install
  • It will help you to learn web application hacking
  • A real vulnerable web application
  • You can use any pentesting/hacking tools to test the vulnerability
  • Contains challenges that will improve your bug finding skills
  • Access the Admin panel at "/btslab/admin/". The default Admin Login Credentials: username 'admin' and password 'password'

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow BTS Pentesting Lab

BTS Pentesting Lab Web Site

Other Useful Business Software
Crowdtesting That Delivers | Testeum Icon
Crowdtesting That Delivers | Testeum

Unfixed bugs delaying your launch? Test with real users globally – check it out for free, results in days.

Testeum connects your software, app, or website to a worldwide network of testers, delivering detailed feedback in under 48 hours. Ensure functionality and refine UX on real devices, all at a fraction of traditional costs. Trusted by startups and enterprises alike, our platform streamlines quality assurance with actionable insights. Click to perfect your product now.
Click to perfect your product now.
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of BTS Pentesting Lab!

Additional Project Details

Intended Audience

Education, Information Technology, Security, Security Professionals

User Interface

Web-based

Programming Language

PHP

Related Categories

PHP Security Software, PHP Cybersecurity Tool

Registered

2014-01-01