Hullu is a custom-built lightweight offensive security training VM based on Alpine Linux. It's intended for educational use, penetration testing practice, and Capture The Flag (CTF)-style scenarios in isolated virtual lab environments.

Pre-installed Tools and Services:
+ Web Stack:
- Python3 + Flask
- Apache2 with HTTPS
- PHP + MySQL (MariaDB)
- phpMyAdmin
- FlaskVA (Python-based vulnerable app) https://github.com/kaledaljebur/FlaskVA
- DVWA (PHP-based vulnerable app) https://github.com/digininja/DVWA
+ Protocols Simulated:
- HTTP / HTTPS
- SSH / SFTP
- SMB (under constructions)
- DNS (under constructions)
- FTP / FTPS (under constructions)
+ In FlaskVA (Python-based):
- SQL Injection
- Command Injection
- File Upload (with SUID exploit vector)
- XSS
- SSRF
- IDOR
This is the first version of Hullu, more details are coming.
Please contact me if you have any questions or suggestions.
Regards,
Kaled Aljebur.

Project Activity

See All Activity >

Follow Hullu Vulnerable System

Hullu Vulnerable System Web Site

Other Useful Business Software
Level Up Your Cyber Defense with External Threat Management Icon
Level Up Your Cyber Defense with External Threat Management

See every risk before it hits. From exposed data to dark web chatter. All in one unified view.

Move beyond alerts. Gain full visibility, context, and control over your external attack surface to stay ahead of every threat.
Try for Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of Hullu Vulnerable System!

Additional Project Details

Registered

2025-07-23
Report inappropriate content