{"id":23010036,"url":"https://github.com/dmdhrumilmistry/vulnerable-api-app","last_synced_at":"2026-05-17T18:02:28.912Z","repository":{"id":44987660,"uuid":"512421401","full_name":"dmdhrumilmistry/Vulnerable-API-App","owner":"dmdhrumilmistry","description":"vulnerable python web application written in flask, bootstrap, HTML, CSS and JavaScript which is inspired from the web APIs that were found to be vulnerable among several Organizations exposing data of thousands of users!","archived":false,"fork":false,"pushed_at":"2022-07-14T07:01:09.000Z","size":40,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-02T16:15:00.810Z","etag":null,"topics":["dmdhrumilmistry","flask","flask-restful","flask-sqlalchemy","hacking","vulnerability"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dmdhrumilmistry.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-07-10T11:50:22.000Z","updated_at":"2024-03-12T05:07:32.000Z","dependencies_parsed_at":"2022-07-19T14:47:32.603Z","dependency_job_id":null,"html_url":"https://github.com/dmdhrumilmistry/Vulnerable-API-App","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dmdhrumilmistry/Vulnerable-API-App","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dmdhrumilmistry%2FVulnerable-API-App","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dmdhrumilmistry%2FVulnerable-API-App/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/reposi
tories/dmdhrumilmistry%2FVulnerable-API-App/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dmdhrumilmistry%2FVulnerable-API-App/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dmdhrumilmistry","download_url":"https://codeload.github.com/dmdhrumilmistry/Vulnerable-API-App/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dmdhrumilmistry%2FVulnerable-API-App/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265333371,"owners_count":23748786,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dmdhrumilmistry","flask","flask-restful","flask-sqlalchemy","hacking","vulnerability"],"created_at":"2024-12-15T09:16:47.414Z","updated_at":"2026-05-17T18:02:28.859Z","avatar_url":"https://github.com/dmdhrumilmistry.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Vuln-API-App\n\nVuln-API-app is a vulnerable Python web application written in Flask, Bootstrap, HTML, CSS and JavaScript, inspired by the web APIs that I've found to be vulnerable among several organizations, exposing data of thousands of users!\n\n## Deploy and HACK\n\n### Manual Method\n\n- Install [Python](https://python.org) and [git](https://git-scm.com/download)\n\n- Clone Repository\n\n  ```bash\n  git clone --depth=1 https://github.com/dmdhrumilmistry/Vulnerable-API-App\n  ```\n\n- Change to application directory\n\n  ```bash\n  cd Vulnerable-API-App\n  ```\n\n- Install Requirements\n\n  ```bash\n  python -m pip 
install -r requirements.txt\n  ```\n\n- Start application\n\n  ```bash\n  # Using python\n  python wsgi.py\n\n  # Using gunicorn (works only on linux distros)\n  gunicorn --bind 0.0.0.0:5000 wsgi:app\n\n  # Run in debug mode\n  python app.py\n\n  ```\n\n### Hack On TryHackMe\n\n- [Visit Room](https://tryhackme.com/room/vulnerableapiapproom)\n- [Room WriteUp](https://dmdhrumilmistry.github.io/blog/blog-ctf/tryhackme/2022/07/13/Vunerable-API-App.html)\n\n## ToDo\n\n- [ ] Create Docker Stable Container\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdmdhrumilmistry%2Fvulnerable-api-app","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdmdhrumilmistry%2Fvulnerable-api-app","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdmdhrumilmistry%2Fvulnerable-api-app/lists"}