Exploitable App


A .NET Core Project for Learning Web Based Pen Testing

View the Project on GitHub postworthy/ExploitableApp

What is the Exploitable App?

Exploitable App is a sandbox for exploring the various ways that applications can be exploited by attackers. Designed to emulate a banking application with various vulnerabilities, the Exploitable App is a learning platform that attempts to teach about common web security flaws. It contains generic security flaws that apply to most web applications as well as vulnerabilities that specifically pertain to the .NET framework. The vulnerabilities in this app are intended to teach about application security, and the code is commented in a way that will allow developers to follow along and learn how to avoid the most common vulnerabilities.

Network Architecture

Exploitable App Network Architecture

Start Hacking Fast

Install Prerequisites
Run on Windows Docker for Desktop
git clone https://github.com/postworthy/ExploitableApp.git
cd ExploitableApp/HelmCHarts
Run on Mac
git clone https://github.com/postworthy/ExploitableApp.git
cd ExploitableApp/HelmCHarts

Looking for old instructions

Old Instructions

Run in Azure [From Linux, Mac, Windows via WSL/WSL2]

git clone https://github.com/postworthy/ExploitableApp.git
cd ExploitableApp/HelmCHarts

Dive into the Code

Because the application is built using .NET Core, you will want to start by getting the latest version of Visual Studio, which is currently available for Windows and Mac. You will then need to install Docker for your system. Last but not least, you will want to install Git for pulling the latest code from the repo.

After you have navigated to your working folder, get the latest code for the project using Git:

Windows & Mac
git clone https://github.com/postworthy/ExploitableApp.git

Once you have cloned the repo, open the ExploitableApp.sln file to start exploring the code.


For Open Source Projects

If you are developing and distributing open source applications under the GPL License, then you are free to use this project under the GPL License. GPL FAQ

Commercial, Enterprise and Government Projects

Contact me at landon.key@gmail.com for more information on Commercial, Enterprise, and Government use of this project.