Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/0c34/govwa
Last synced: 26 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/0c34/govwa
- Owner: 0c34
- Created: 2017-10-03T11:11:34.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2024-07-12T16:48:05.000Z (5 months ago)
- Last Synced: 2024-08-03T13:02:18.568Z (4 months ago)
- Language: Go
- Size: 1.3 MB
- Stars: 172
- Watchers: 5
- Forks: 276
- Open Issues: 11
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-golang-security - govwa - A vulnerable golang application including the most common vulnerabilities found in web applications today. (Hacking Playground)
README
#### GoVWA
GoVWA (Go Vulnerable Web Application) is a vulnerable web application designed for pentester or programmers to learn the web application vulnerability that often occur in web applications. The vulnerabilities in GoVWA are OWASP Top 10 category.#### WARNING!
---
GoVWA is a vulnerable web application, **Run it only on local environment**#### Installation
---
#### Installing golang
Golang versiong : >= 1.11
Installing guide : https://www.digitalocean.com/community/tutorials/how-to-install-go-1-6-on-ubuntu-16-04#### Setup
```
git clone https://github.com/0c34/govwa.gitgit pull (to update)
```
#### Install dependency packages```
go mod download
```#### GoVWA config
---
#### Modified the config.json file for database configurationconfig.json file is located in config directory.
```
{
"user": "root",
"password": "root",
"dbname": "govwa",
"sqlhost": "localhost",
"sqlport": "3306",
"webserver": "http://localhost",
"webport": "8888","sessionkey:": "G0Vw444"
}```
Run GoVWA
```
go run app.go
```
```ÛÛÛÛÛÛÛÛÛ ÛÛÛÛÛ ÛÛÛÛÛ ÛÛÛÛÛ ÛÛÛ ÛÛÛÛÛ ÛÛÛÛÛÛÛÛÛ
ÛÛÛ°°°°°ÛÛÛ °°ÛÛÛ °°ÛÛÛ °°ÛÛÛ °ÛÛÛ °°ÛÛÛ ÛÛÛ°°°°°ÛÛÛ
ÛÛÛ °°° ÛÛÛÛÛÛ °ÛÛÛ °ÛÛÛ °ÛÛÛ °ÛÛÛ °ÛÛÛ °ÛÛÛ °ÛÛÛ
°ÛÛÛ ÛÛÛ°°ÛÛÛ °ÛÛÛ °ÛÛÛ °ÛÛÛ °ÛÛÛ °ÛÛÛ °ÛÛÛÛÛÛÛÛÛÛÛ
°ÛÛÛ ÛÛÛÛÛ°ÛÛÛ °ÛÛÛ °°ÛÛÛ ÛÛÛ °°ÛÛÛ ÛÛÛÛÛ ÛÛÛ °ÛÛÛ°°°°°ÛÛÛ
°°ÛÛÛ °°ÛÛÛ °ÛÛÛ °ÛÛÛ °°°ÛÛÛÛÛ° °°°ÛÛÛÛÛ°ÛÛÛÛÛ° °ÛÛÛ °ÛÛÛ
°°ÛÛÛÛÛÛÛÛÛ °°ÛÛÛÛÛÛ °°ÛÛÛ °°ÛÛÛ °°ÛÛÛ ÛÛÛÛÛ ÛÛÛÛÛ
°°°°°°°°° °°°°°° °°° °°° °°° °°°°° °°°°°=======
Server running at port :8082
Open this URL http://192.168.56.101:8082/ on your browser to access GoVWA```
Open the URL to access GoVWA and follow the setup instruction to create database and tables#### Setup from docker
```
git clone https://github.com/0c34/govwa.gitinside govwa directory:
docker-compose up --buildstop running process using
docker-compose down --remove-orphans --volumes```
GoVWA users:
|uname|password|
|-----|--------|
|admin|govwaadmin|
|user1|govwauser1|Explore the vulnerability.
#### Contributor
---
* Khaedir (golang programming)
* Xaquille (web design)#### To Do
* add more vulnerabilities
* ~~XXE Vulnerability~~
* NoSQLInjection
* JSON Web API (unprotected API)
* Build Simple Android APPPowered by [NemoSecurity](https://nemosecurity.com)