A vulnerable webapp to demonstrate sql injection and mitigation

codecentric/exploitees-vulnerable-webapp

secure-coding-workshop

Showcasing attack vectors like Injection.

Set up a WebGoat instance that is reachable only from within the codecentric VPN.

The Terraform configuration sets up:

  • VPC, subnets, security groups
  • Load Balancer
  • Instance of WebGoat
  • TLS certificate (optional)
  • DNS entry (optional)

In order to create a TLS certificate and a DNS entry, you need to provide the name of a Route53 hosted zone. Inside this zone, a new subdomain "webgoat" is created for which the TLS certificate is issued.

If you omit the hosted zone, the Load Balancer is configured without TLS.

Setup

Initialize Terraform:

terraform init

Apply

Apply the Terraform plan. Optionally, restrict ingress to the WebGoat instance to IP addresses within a given CIDR block:

terraform apply -var="restrict_to_cidr=1.2.3.4/32"
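One way such a variable can be wired to the load balancer's ingress rule, as an added sketch that is not the repository's own code. Only the name `restrict_to_cidr` comes from this README; `lb_security_group_id`, the resource name and port 443 (the TLS variant) are assumptions, and unlike the README's optional variable this sketch makes the CIDR mandatory.

```hcl
# Hypothetical sketch, not taken from the repository.
# Assumes AWS provider v5+ and an already existing load balancer security group.

variable "restrict_to_cidr" {
  description = "IPv4 CIDR block allowed to reach the WebGoat load balancer"
  type        = string

  validation {
    # cidrhost() errors on malformed input; can() turns that error into false.
    condition     = can(cidrhost(var.restrict_to_cidr, 0))
    error_message = "restrict_to_cidr must be a valid CIDR block, e.g. 1.2.3.4/32."
  }

  validation {
    # WebGoat is deliberately vulnerable, so never accept "everyone".
    condition     = var.restrict_to_cidr != "0.0.0.0/0"
    error_message = "Refusing to expose a deliberately vulnerable app to all addresses."
  }
}

variable "lb_security_group_id" {
  description = "ID of the load balancer security group (assumed name)"
  type        = string
}

# The only ingress rule on the load balancer: HTTPS from the allowed range.
resource "aws_vpc_security_group_ingress_rule" "webgoat_https" {
  security_group_id = var.lb_security_group_id
  description       = "HTTPS to WebGoat from the allowed range only"
  cidr_ipv4         = var.restrict_to_cidr
  ip_protocol       = "tcp"
  from_port         = 443
  to_port           = 443
}
```

With these validation blocks, `terraform apply -var="restrict_to_cidr=0.0.0.0/0"` fails at plan time instead of publishing the instance.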
