BTS Pentesting Lab download

BTS PenTesting Lab is an open source vulnerable web application, created by Cyber Security & Privacy Foundation (www.cysecurity.org). It can be used to learn about many different types of web application vulnerabilities.

Currently, the app contains the following types of vulnerabilities:
*SQL Injection
*XSS(includes Flash Based xss)
*CSRF
*Clickjacking
*SSRF
*File Inclusion
* Code Execution
*Insecure Direct Object Reference
*Unrestricted File Upload vulnerability
*Open URL Redirection
*Server Side Includes(SSI) Injection
and more...

Java version of this application can be found here:
https://sourceforge.net/p/javavulnerablelab/

Features

Has plenty of latest web application vulnerabilities
Easy to Install
It will help you to learn web application hacking
A real vulnerable web application
You can use any pentesting/hacking tools to test the vulnerability
Contains challenges that will improve your bug finding skills
Access the Admin panel at "/btslab/admin/". The default Admin Login Credentials: username 'admin' and password 'password'

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow BTS Pentesting Lab

BTS Pentesting Lab Web Site

Other Useful Business Software

Enterprise-grade ITSM, for every business

Give your IT, operations, and business teams the ability to deliver exceptional services—without the complexity.

Freshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.

Try it Free

Rate This Project

User Reviews

Be the first to post a review of BTS Pentesting Lab!

Additional Project Details

Intended Audience

Education, Information Technology, Security, Security Professionals

User Interface

Web-based

Programming Language

PHP

Related Categories

PHP Security Software, PHP Cybersecurity Tool

Registered

2014-01-01

Similar Business Software

Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software
Proton Pass

Proton Pass for Business is a secure, end-to-end encrypted password manager built for teams that prioritize privacy, compliance, and control. Safely store and share passwords, passkeys, secure notes, aliases, and credit card details with zero-knowledge encryption, ensuring only your...

See Software
Curtain LogTrace File Activity Monitoring

Curtain LogTrace File Activity Monitoring is an enterprise file activity monitoring solution. It tracks user actions: create, copy, move, delete, rename, print, open, close, save. Includes source/destination paths and disk type. Perfect for monitoring user file activities. Key features: -...

See Software
Reflectiz

Reflectiz is a web exposure management platform that helps organizations identify, monitor, and mitigate security, privacy, and compliance risks across their online environments. It provides full visibility and control over first, third, and fourth-party components like scripts, trackers, and...

See Software