Hullu is a custom-built lightweight offensive security training VM based on Alpine Linux. It's intended for educational use, penetration testing practice, and Capture The Flag (CTF)-style scenarios in isolated virtual lab environments.

Pre-installed Tools and Services:
+ Web Stack:
- Python3 + Flask
- Apache2 with HTTPS
- PHP + MySQL (MariaDB)
- phpMyAdmin
- FlaskVA (Python-based vulnerable app) https://github.com/kaledaljebur/FlaskVA
- DVWA (PHP-based vulnerable app) https://github.com/digininja/DVWA
+ Protocols Simulated:
- HTTP / HTTPS
- SSH / SFTP
- SMB (under constructions)
- DNS (under constructions)
- FTP / FTPS (under constructions)
+ In FlaskVA (Python-based):
- SQL Injection
- Command Injection
- File Upload (with SUID exploit vector)
- XSS
- SSRF
- IDOR
This is the first version of Hullu, more details are coming.
Please contact me if you have any questions or suggestions.
Regards,
Kaled Aljebur.

Project Activity

See All Activity >

Follow Hullu Vulnerable System

Hullu Vulnerable System Web Site

Other Useful Business Software
Custom VMs From 1 to 96 vCPUs With 99.95% Uptime Icon
Custom VMs From 1 to 96 vCPUs With 99.95% Uptime

General-purpose, compute-optimized, or GPU/TPU-accelerated. Built to your exact specs.

Live migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
Try Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of Hullu Vulnerable System!

Additional Project Details

Registered

2025-07-23