RPI Labs: OWASP Mutillidae II
Version: 2.11.14
Security Level: 0 (Hosed)
Hints: Enabled
Not Logged In
Home | Login/Register | Toggle Hints | Toggle Security | Enforce TLS | Reset DB | View Log | View Captured Data
OWASP 2017
A1 - Injection (SQL)
SQLi - Extract Data
User Info (SQL)
SQLi - Bypass Authentication
Login
SQLi - Insert Injection
Add to your blog
Register
View Captured Data
Blind SQL via Timing
Login
User Info (SQL)
SQLMAP Practice
SQLMAP Practice Targets
Login
View Someone's Blog
User Info (SQL)
Via JavaScript Object Notation (JSON)
Pen Test Tool Lookup
Pen Test Tool Lookup (AJAX)
Via SOAP Web Service
Lookup User
Via REST Web Service
User Account Management
A1 - Injection (Other)
Application Log Injection
Add to your blog
DNS Lookup
Echo Message
Echo Message (CORS)
Echo Message (CSP)
Document Viewer
Capture Data Page
Login
Register User
Source Viewer
Test Connectivity to Server
Text File Viewer
Buffer Overflow
Repeater
Cascading Style Injection
Set Background Color
CBC-bit Flipping
Command Injection
DNS Lookup
DNS Lookup (SOAP Web Service)
Echo Message
Echo Message (CORS)
Echo Message (CSP)
Test Connectivity to Server
Frame Source Injection
Document Viewer
Styling with Mutillidae
HTML Injection (HTMLi)
Add to your blog
Browser Info
DNS Lookup
Echo Message
Echo Message (CORS)
Echo Message (CSP)
Test Connectivity to Server
Pen Test Tool Lookup
Text File Viewer
User Info (SQL)
User Info (XPath)
Set Background Color
HTML5 Web Storage
Capture Data Page
View Captured Data
Document Viewer
Arbitrary File Inclusion
Poll Question
Register User
Login
Those "Back" Buttons
Styling with Mutillidae
Password Generator
HTMLi via HTTP Headers
Those "Back" Buttons
Browser Info
Site Footer
HTTP Response Splitting (Hint: Difficult)
HTMLi Via DOM Injection
HTML5 Web Storage
Password Generator
HTMLi Via Cookie Injection
Capture Data Page
HTTP Parameter Pollution
Poll Question
Document Viewer
JavaScript Injection
Those "Back" Buttons
Password Generator
Browser Info
JavaScript Object Notation (JSON) Injection
Pen Test Tool Lookup
Pen Test Tool Lookup (AJAX)
LDAP Injection
Conference Room Lookup
Parameter Addition
Repeater
View User Privileges
XML External Entity Injection
XML Validator
XML Entity Expansion
XML Validator
XML Injection
XML Validator
XPath Injection
User Info (XPath)
A2 - Broken Authentication and Session Management
Authentication Bypass
Via Brute Force
Via Cookies
Via SQL Injection
Via Account Hijacking
Privilege Escalation
Via Cookies
Login
Via Account Hijacking
Via CBC-bit Flipping
Username Enumeration
Login
Edit User Profile
Lookup User (SOAP Web Service)
User Account Management (REST Web Service)
JSON Web Token (JWT)
Current User Information
A3 - Sensitive Data Exposure
Information Disclosure
Edit User Profile
PHP Info Page
Robots.txt
"Secret" Administrative Pages
HTML5 Web Storage
HTML/JavaScript Comments
Cache-Control
Click-Jacking
Cross-Site Framing
X-Frame-Options (Click-Jacking)
X-Frame-Options (Cross-frame Scripting)
Application Path Disclosure
PHP Info Page
Robots.txt
Platform Path Disclosure
PHP Info Page
SSL Misconfiguration
JSON Web Token (JWT)
Current User Information
A4 - XML External Entities
XML External Entity Injection
XML Validator
A5 - Broken Access Control
Insecure Direct Object References (IDOR)
Via Account Hijacking
Source Viewer
Text File Viewer
Local File Inclusion (LFI)
Local File Inclusion (LFI)
Remote File Inclusion (RFI)
Remote File Inclusion (RFI)
Open Redirect
Credits
Server-side Request Forgery (SSRF)
Test Connectivity to Server
Missing Function Level Access Control
Cookies as Auth Tokens
"Secret" Administrative Pages
Client-side Control Challenge
Robots.txt
JSON Web Token (JWT)
Current User Information
Cross-origin Resource Sharing (CORS)
Echo Message (CORS)
A6 - Security Misconfiguration
Cross-origin Resource Sharing (CORS)
Echo Message (CORS)
Directory Browsing
Method Tampering (GET for POST)
Add to your blog
User Info (SQL)
User Info (XPath)
Poll Question
DNS Lookup
Echo Message
Echo Message (CORS)
Echo Message (CSP)
Test Connectivity to Server
HTTP Headers
Cross-Origin Resource Sharing (CORS)
Cache-Control
Click-Jacking
Cross-Site Framing (Third-Party Framing)
User-Agent Impersonation
Unrestricted File Upload
SSL Misconfiguration
PHP Info Page
Robots.txt
A7 - Cross Site Scripting (XSS)
Reflected (First Order)
DNS Lookup
Echo Message
Echo Message (CORS)
Echo Message (CSP)
Test Connectivity to Server
Pen Test Tool Lookup
Text File Viewer
User Info (SQL)
Set Background Color
HTML5 Web Storage
Capture Data Page
Document Viewer
Arbitrary File Inclusion
XML Validator
User Info (XPath)
Poll Question
Register User
Browser Info
Those "Back" Buttons
Styling with Mutillidae
Password Generator
Client-side Control Challenge
Persistent (Second Order)
Add to your blog
View someone's blog
Register User
Edit User Profile
Show Log
DOM-Based
HTML5 Web Storage
Password Generator
Cross Site Request Forgery (CSRF)
Add to your blog
Register User
Poll Question
Via "Input" (GET/POST)
Add to your blog
View someone's blog
Show Log
Text File Viewer
DNS Lookup
Echo Message
Echo Message (CORS)
Echo Message (CSP)
Test Connectivity to Server
User Info (SQL)
User Info (XPath)
Missing HTTPOnly Attribute
Set Background Color
Pen Test Tool Lookup
Document Viewer
Via HTTP Headers
Browser Info
Show Log
Site Footer
Those "Back" Buttons
Via HTTP Attribute
Document Viewer
Via Misconfiguration
Missing HTTPOnly Attribute
Against HTML5 Web Storage
HTML5 Web Storage
Against JSON
Pen Test Tool Lookup
Via Cookie Injection
Capture Data Page
Via XML Injection
XML Validator
Via XPath Injection
User Info (XPath)
Via Path Relative Style Sheet Injection
Styling with Mutillidae
BeeF Framework Targets
Add to your blog
View someone's blog
Show Log
DNS Lookup
Echo Message
Echo Message (CORS)
Echo Message (CSP)
Test Connectivity to Server
Pen Test Tool Lookup
Text File Viewer
User Info (SQL)
Set Background Color
HTML5 Web Storage
Capture Data Page
Document Viewer
Arbitrary File Inclusion
XML Validator
User Info (XPath)
Poll Question
Register User
Password Generator
A8 - Insecure Deserialization
A9 - Using Components with Known Vulnerabilities
PHP Info Page
CBC-bit Flipping
SSL Misconfiguration
A10 - Insufficient Logging and Monitoring
OWASP 2013
A8 - Cross Site Request Forgery (CSRF)
Add to your blog
Register User
Poll Question
A10 - Unvalidated Redirects and Forwards
Credits
Setup/reset the DB (Disabled: Not Admin)
OWASP 2010
A7 - Insecure Cryptographic Storage
User Info (SQL)
User Info (XPath)
HTML5 Web Storage
View User Privileges
A8 - Failure to Restrict URL Access
Edit User Profile
Source Viewer
"Secret" Administrative Pages
Robots.txt
Arbitrary File Inclusion
PHP Info Page
A9 - Insufficient Transport Layer Protection
SSL Misconfiguration
Login
User Info (SQL)
User Info (XPath)
OWASP 2007
A3 - Malicious File Execution
Text File Viewer
Source Viewer
A6 - Information Leakage
Edit User Profile
Cache-Control
X-Powered-By HTTP Header
HTML/JavaScript Comments
Click-Jacking
Cross-Site Framing (Third-Party Framing)
HTML5 Web Storage
PHP Info Page
Robots.txt
SSL Misconfiguration
A6 - Improper Error Handling
User Info (SQL)
User Info (XPath)
Login
Register
Edit User Profile
Pen Test Tool Lookup
Pen Test Tool Lookup (AJAX)
Lookup User (SOAP Web Service)
Web Services
SOAP
Test Page
Hello World
Command Injection
DNS Lookup
SQL Injection
Lookup User
Username Enumeration
Lookup User
REST
SQL Injection
User Account Management
Username Enumeration
User Account Management
Others
Cross-origin Resource Sharing (CORS)
Echo Message (CORS)
Client-side "Security" Controls
Client-side Control Challenge
Cross-Site Framing
Click-Jacking
Cross-Site Framing (Third-Party Framing)
Tab-Nabbing
Tabby Cat
Unrestricted File Upload
File Upload
Denial of Service
Text File Viewer
Show Web Log
JavaScript Validation Bypass
Login
User Info (SQL)
User Info (XPath)
Add to your blog
HTML5 Web Storage
DNS Lookup
Echo Message
Echo Message (CORS)
Echo Message (CSP)
Repeater
Test Connectivity to Server
User-Agent Impersonation
Data Capture Pages
Data Capture
View Captured Data
JSON Web Token (JWT)
Current User Information
Labs
How the Web Works
Lab 1 - Sending HTTP Requests with Netcat
Lab 2 - Capturing HTTP Packets with Wireshark
Lab 3 - Intercepting HTTP Requests and Responses
Lab 4 - Using Burp-Suite Proxy History
Lab 5 - Bypassing Client-side Security
SQL Injection
Lab 6 - Testing for SQL Errors
Lab 7 - Using SQLi to Bypass Authentication
Lab 8 - Extracting data
Lab 9 - Finding Number of Columns
Lab 10 - Pivoting with SQL injection
Lab 11 - SQLMap
Command Injection
Lab 12 - Extracting User Accounts with Command Injection
Lab 13 - Testing for Reverse Connection
Lab 14 - Reverse Bash Shell with Command Injection
Lab 15 - Reverse Meterpreter Shell with Command Injection
Lab 16 - Web Shell with Command injection
Lightweight Directory Access Protocol (LDAP) Injection
Lab 17 - Extract User Accounts with LDAP Injection
Insecure Direct Object Reference (IDOR)
Lab 18 - Edit Another User's Profile
Lab 19 - Extracting User Accounts with IDOR
Lab 20 - Extracting User Accounts with Local File Inclusion (LFI)
Lab 21 - Web Shell with Local File Inclusion (LFI)
Lab 22 - Web Shell with Remote File Inclusion (RFI)
Open Redirect
Lab 23 - Open Redirects - Part 1
Lab 24 - Open Redirects - Part 2
Cross-site Scripting (XSS)
Lab 25 - Creating a Cross-site Script Proof of Concept (PoC)
Lab 26 - Browser Exploitation Framework (BeEF)
Lab 27 - Bypassing Client-side Defenses
Lab 28 - Defending Against Cross-site Scripting
Cross-site Request Forgery (CSRF)
Lab 29 - Voting for NMap
Lab 30 - Adding a Blog
HTML5 Web Storage
Lab 31 - Capturing HTML 5 Web Storage
Session Management
Lab 32 - Capture Session with XSS
Lab 33 - Intercepting Session Token using Network Sniffer
Lab 34 - Exfiltrating Data with XSS
Lab 35 - Capture Session with XSS
Lab 36 - Using a captured session token
Cookie Management
Lab 37 - Show Hints
Lab 38 - Privilege Escalation
Password Management
Lab 39 - Password Cracking
Lab 40 - Intercepting Clear-Text Credentials
Lab 41 - Hydra
Input Validation
Lab 42 - Input Validation
Lab 43 - File Identification
Error Handling
Lab 44 - Grabbing Server Banners
Lab 45 - Creating Injection Files
Lab 46 - Scanning with Nikto
Lab 47 - Testing for Errors
Logging
Lab 48 - Log Poisoning
Lab 49 - Log Disclosure
Server Configuration
Lab 50 - Testing HTTP Response Headers
Lab 51 - Scanning with Nikto
Lab 52 - Scanning with SSLScan
Content Security Policy (CSP)
Lab 53 - Testing HTTP Response Headers
Lab 54 - Scanning with SSLScan
Lab 55 - Testing Content Security Policy (CSP)
JSON Web Token (JWT) Security
Lab 56 - Session Timeout
Lab 57 - Missing Signature Validation
Lab 58 - Cracking Signature Password
Lab 59 - SQL Injection via JWT
Cross-origin Resource Sharing (CORS)
Lab 60 - Access Control Allow Origin Header
Lab 61 - Pre-Flight Requests
Software Composition Analysis (SCA)
Lab 62 - Retire.js
Lab 63 - OWASP Dependency Check
Resources
Latest Version of OWASP Mutillidae II
OWASP Top Ten
Web Penetration Testing Add-Ons