WebSafeHub is an intentionally vulnerable PHP/MySQL web application designed to simulate real-world security vulnerabilities. Inspired by projects like DVWA (Damn Vulnerable Web Application) and OWASP (Open Web Application Security Project), WebSafeHub provides a platform for security enthusiasts, developers, and students to practice identifying and mitigating common web security vulnerabilities.
The application includes a variety of exercises that demonstrate different types of vulnerabilities (SQLi, XSS, CSRF, etc..).
By working through these exercises, users can learn how to identify and fix security issues in web applications. Each vulnerability page includes an overview of the vulnerability, mitigation strategies, and exercises designed to test and reinforce your understanding. You can experiment with creating and testing your own code to gain a deeper understanding of these vulnerabilities.
To download WebSafeHub, follow these steps:
-
On the repository page, click on the "Code" button located near the top-right corner. This will open a dropdown menu with a few options. Select "Download ZIP" to download the repository as a ZIP file.
-
Alternatively, you can use the following command via terminal:
git clone https://github.com/dev-angelist/WebSafeHub.git
To use WebSafeHub, you need to set up the database. You can do this by navigating to the DB Setup page and clicking the "Create Database" button. If you encounter any issues or need to reset the database, use the "Restore Database" button.
Ensure you have a web server and database server running on your local machine. You can use XAMPP for this purpose. Place the WebSafeHub files in your web server's public directory (e.g., htdocs for XAMPP). Navigate to the application's URL (e.g., http://localhost/WebSafeHub). Practicing Vulnerabilities Each vulnerability page includes an overview of the vulnerability, mitigation strategies, and exercises designed to test and reinforce your understanding. You can experiment with creating and testing your own code to gain a deeper understanding of these vulnerabilities.
WebSafeHub includes both documented and undocumented vulnerabilities, intentionally designed to encourage users to discover and address as many issues as possible. For assistance, a help button is available at the bottom of each page, providing hints and tips specific to each vulnerability. Additionally, there are supplementary links for further reading on related security topics.
WebSafeHub is based on the principles and philosophy of open source. We encourage the development of secure code and promote security by design. Your contributions help improve the platform and foster a community dedicated to learning and improving web security practices.
To contribute to this project, follow these steps:
- Fork this repository.
- Create a branch for your contribution (
git checkout -b feature/your-contribution). - Commit your changes (
git commit -am 'Add feature X'). - Push your branch (
git push origin feature/your-contribution). - Open a pull request.
@dev-angelist (GitHub profile)
This project is licensed under the MIT License - see the [LICENSE.md] file for details.