hackxor

A webapp hacking game, where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc

Features

Client attack simulation using HtmlUnit; no alert('xss') here.
Smooth difficulty gradient from moderately easy to fiendishly tricky.
Realistic vulnerabilities modelled from Google, Mozilla, etc (No rot13!)
Open ended play; progress by any means possible.

Project Activity

See All Activity >

License

Apache License V2.0

Follow hackxor

hackxor Web Site

Other Useful Business Software

Simple, Secure Domain Registration

Get your domain at wholesale price. Cloudflare offers simple, secure registration with no markups, plus free DNS, CDN, and SSL integration.

Register or renew your domain and pay only what we pay. No markups, hidden fees, or surprise add-ons. Choose from over 400 TLDs (.com, .ai, .dev). Every domain is integrated with Cloudflare's industry-leading DNS, CDN, and free SSL to make your site faster and more secure. Simple, secure, at-cost domain registration.

Rate This Project

User Ratings

5.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:

All

robertcorreia Posted 2013-06-11

Great stuff.

1 user found this review helpful.

Additional Project Details

Registered

2011-01-29

Similar Business Software

Criminal IP

Criminal IP is a comprehensive threat intelligence search engine that detects vulnerabilities of personal and corporate cyber assets in real time and facilitates preemptive responses accordingly. Originated from the idea that individuals and corporations would be able to strengthen their cyber...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Control D

Control D is a customizable DNS filtering and traffic redirection platform that leverages Secure DNS protocols like DNS-over-HTTPS, DNS-over-TLS and DNS-over-QUIC, with support for Legacy DNS. - Block malicious threats - Block unwanted types of content network wide (ads & trackers, IoT...

See Software
c/side

cside is the leading client-side intelligence platform. Protecting organizations from advanced client-side threats such as script injection, data skimming, and browser-based attacks, risks often overlooked by traditional security measures. Leveraging client-side intelligence to provide evidence...

See Software
Action1

Action1 is an autonomous endpoint management platform trusted by many Fortune 500 companies. Cloud-native, infinitely scalable, highly secure, and configurable in 5 minutes—it just works and is always free for the first 200 endpoints, with no functional limits. By pioneering autonomous OS and...

See Software