Hullu is a custom-built lightweight offensive security training VM based on Alpine Linux. It's intended for educational use, penetration testing practice, and Capture The Flag (CTF)-style scenarios in isolated virtual lab environments.

Pre-installed Tools and Services:
+ Web Stack:
- Python3 + Flask
- Apache2 with HTTPS
- PHP + MySQL (MariaDB)
- phpMyAdmin
- FlaskVA (Python-based vulnerable app) https://github.com/kaledaljebur/FlaskVA
- DVWA (PHP-based vulnerable app) https://github.com/digininja/DVWA
+ Protocols Simulated:
- HTTP / HTTPS
- SSH / SFTP
- SMB (under constructions)
- DNS (under constructions)
- FTP / FTPS (under constructions)
+ In FlaskVA (Python-based):
- SQL Injection
- Command Injection
- File Upload (with SUID exploit vector)
- XSS
- SSRF
- IDOR
This is the first version of Hullu, more details are coming.
Please contact me if you have any questions or suggestions.
Regards,
Kaled Aljebur.

Project Activity

See All Activity >

Follow Hullu Vulnerable System

Hullu Vulnerable System Web Site

Other Useful Business Software
Gen AI apps are built with MongoDB Atlas Icon
Gen AI apps are built with MongoDB Atlas

Build gen AI apps with an all-in-one modern database: MongoDB Atlas

MongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.
Start Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of Hullu Vulnerable System!

Additional Project Details

Registered

2025-07-23
Report inappropriate content