mightbeian/vulnerability-playground
๐Ÿ” Vulnerability Playground & Remediation Dashboard

Python Flask License

An interactive web application demonstrating common web vulnerabilities (OWASP Top 10) with educational remediation examples. This project showcases both offensive and defensive cybersecurity concepts.

โš ๏ธ DISCLAIMER: This application contains intentional security vulnerabilities for educational purposes only. DO NOT deploy to production or expose to the public internet.

🎯 Project Overview

This project consists of two main components:

1. The Playground (Offensive Security)

A sandboxed environment where users can explore and exploit pre-built vulnerabilities:

  • SQL Injection - Bypass authentication via malicious input
  • Stored XSS - Inject malicious scripts via user comments
  • Broken Access Control (IDOR) - Access unauthorized user profiles

2. Remediation Dashboard (Defensive Security)

An admin-only section demonstrating secure coding practices:

  • Side-by-side code comparisons (vulnerable vs. secure)
  • Detailed vulnerability explanations
  • Remediation techniques and best practices

🚀 Features

  • Interactive Exploitation: Hands-on experience with real vulnerabilities
  • Educational Content: Learn both attack vectors and defenses
  • Code Examples: Compare vulnerable and secure implementations
  • Modern Stack: Built with Flask, SQLite, and Bootstrap
  • Detailed Documentation: Comprehensive explanations of each vulnerability

๐Ÿ› ๏ธ Tech Stack

  • Backend: Flask (Python 3.8+)
  • Database: SQLite
  • Frontend: HTML5, CSS3, JavaScript, Bootstrap 5
  • Template Engine: Jinja2

📋 Prerequisites

  • Python 3.8 or higher
  • pip (Python package manager)
  • Virtual environment (recommended)

โš™๏ธ Installation

  1. Clone the repository
     git clone https://github.com/mightbeian/vulnerability-playground.git
     cd vulnerability-playground
  2. Create a virtual environment
     python -m venv venv
     source venv/bin/activate  # On Windows: venv\Scripts\activate
  3. Install dependencies
     pip install -r requirements.txt
  4. Initialize the database
     python init_db.py
  5. Run the application
     python app.py
  6. Access the application
     Open your browser and navigate to: http://127.0.0.1:5000

🎮 Usage

Default Credentials

Regular Users (for testing vulnerabilities):

  • Username: user1 | Password: password123
  • Username: user2 | Password: password456

Admin Access (for Remediation Dashboard):

  • Username: admin | Password: admin123

Exploiting Vulnerabilities

SQL Injection

  1. Navigate to the login page
  2. Try payload: ' OR 1=1; -- in the username field
  3. Leave password blank and submit

Stored XSS

  1. Login as a regular user
  2. Go to the Comments page
  3. Post: <script>alert('XSS!');</script>
  4. Refresh the page to see the script execute

IDOR (Broken Access Control)

  1. Login as user1
  2. Access your profile at /profile/1
  3. Change URL to /profile/2 to view another user's data

Viewing Remediation

  1. Login as admin
  2. Access the Remediation Dashboard
  3. View vulnerable vs. secure code comparisons
  4. Read detailed explanations and best practices

📚 Vulnerabilities Covered

1. SQL Injection (SQLi)

Description: Injection of malicious SQL commands through user input

Impact:

  • Authentication bypass
  • Data exfiltration
  • Database manipulation

Remediation: Use parameterized queries/prepared statements so user input is bound as data; never build SQL by string concatenation or formatting
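As an added illustration (not the project's own app.py, whose exact query the README does not show), the following self-contained Python snippet reproduces the authentication bypass from the walkthrough against an in-memory SQLite table seeded with the README's default accounts, and places the parameterized fix beside it. The table layout and the two login functions are assumptions made for this example.

```python
import sqlite3

# Constructed sample data: the README's default accounts, loaded into an
# in-memory database so the example runs offline.  (Plaintext passwords
# are kept only to mirror the playground; real code stores salted hashes.)
SEED_USERS = [
    (1, "user1", "password123"),
    (2, "user2", "password456"),
    (3, "admin", "admin123"),
]


def make_db() -> sqlite3.Connection:
    """Create an in-memory users table seeded with the sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SEED_USERS)
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """VULNERABLE (assumed shape of the playground's login): user input is
    interpolated straight into the SQL text.

    With username = "' OR 1=1; --" and an empty password the query becomes
        SELECT id, username FROM users WHERE username = '' OR 1=1; --' AND password = ''
    The WHERE clause is always true and the password comparison is commented
    out, so the first row in the table (user1) is returned as the login.
    """
    query = (
        "SELECT id, username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return conn.execute(query).fetchone()


def login_secure(conn: sqlite3.Connection, username: str, password: str):
    """FIXED: placeholders keep the input as data, never as SQL syntax.

    The driver binds the values separately from the statement text, so the
    same payload is looked up as a literal username and matches nothing.
    """
    query = "SELECT id, username FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()


if __name__ == "__main__":
    db = make_db()
    payload = "' OR 1=1; --"
    print("vulnerable:", login_vulnerable(db, payload, ""))        # (1, 'user1')
    print("secure:    ", login_secure(db, payload, ""))            # None
    print("legit:     ", login_secure(db, "user1", "password123"))  # (1, 'user1')
```

Running the script prints a successful "login" for the vulnerable function with an empty password, while the parameterized version only succeeds for the real credentials. The fix is the placeholder, not escaping: the SQL text never changes no matter what the user types.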

2. Cross-Site Scripting (XSS)

Description: Injection of malicious scripts that execute in victims' browsers

Impact:

  • Session hijacking
  • Credential theft
  • Malware distribution

Remediation: Encode output for the HTML context in which it is rendered (Jinja2 autoescaping, which Flask enables by default for .html templates, does this for {{ }} expressions), combined with input validation as a secondary control
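The following Python snippet is an added example, not the project's comments view (the README does not show how comments.html is rendered). It uses the standard library's html.escape to contrast emitting stored comment text verbatim with encoding it for the HTML context, on a constructed comment list that includes the payload from the walkthrough. The function names, the markup, and the validation rule are assumptions made for this illustration.

```python
import html

# Constructed sample rows, as if read back from a comments table: the
# walkthrough's payload plus a comment containing quotes.
STORED_COMMENTS = [
    ("user1", "<script>alert('XSS!');</script>"),
    ("user2", 'He said "hello" & left'),
]


def render_comments_vulnerable(comments):
    """VULNERABLE: untrusted text is concatenated straight into the page.

    Whatever user1 stored is emitted byte-for-byte, so the <script> element
    is parsed and executed by every browser that loads the comments page.
    Equivalent to rendering the value with the |safe filter in Jinja2.
    """
    rows = [f"<li><b>{author}</b>: {body}</li>" for author, body in comments]
    return "<ul>" + "".join(rows) + "</ul>"


def render_comments_secure(comments):
    """FIXED: encode at output time for the HTML element context.

    html.escape(quote=True) turns < > & " ' into entities, so the browser
    displays the payload as text instead of interpreting it as markup.
    This is the same transformation Jinja2 autoescaping applies; the
    encoding must match the context (a value placed inside a <script>
    block or a URL needs a different encoder, not this one).
    """
    rows = [
        f"<li><b>{html.escape(author, quote=True)}</b>: "
        f"{html.escape(body, quote=True)}</li>"
        for author, body in comments
    ]
    return "<ul>" + "".join(rows) + "</ul>"


def validate_comment(body: str, max_len: int = 500) -> bool:
    """Input validation is a complementary control, not a replacement for
    output encoding: it rejects empty or oversized input early but cannot
    anticipate every sequence a browser will interpret as markup."""
    return 0 < len(body.strip()) <= max_len


if __name__ == "__main__":
    print(render_comments_vulnerable(STORED_COMMENTS))
    print(render_comments_secure(STORED_COMMENTS))
```

The first line of output contains a live <script> element; the second shows the same comment as &lt;script&gt;…, which the browser renders as visible text. Storing the comment unchanged is acceptable; the defect is rendering it without encoding.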

3. Broken Access Control (IDOR)

Description: Direct access to resources without proper authorization checks

Impact:

  • Unauthorized data access
  • Privacy violations
  • Data manipulation

Remediation: On every request, check server-side that the authenticated session user is permitted to access the specific record requested; never rely on the identifier in the URL or on the object being hard to guess
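An added Python example (not the project's /profile/<id> handler, whose code the README does not show) contrasting a handler that only checks for a logged-in session with one that authorizes the requesting user against the requested record. The in-memory profile store, the Response type and the owner-or-admin rule are assumptions made for this illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample store: the README's seed accounts, keyed by the numeric
# id that appears in /profile/<id>.
PROFILES = {
    1: {"username": "user1", "email": "user1@example.test", "role": "user"},
    2: {"username": "user2", "email": "user2@example.test", "role": "user"},
    3: {"username": "admin", "email": "admin@example.test", "role": "admin"},
}


@dataclass
class Response:
    """Minimal stand-in for an HTTP response (assumed for the example)."""
    status: int
    body: Optional[dict] = None


def profile_vulnerable(session_user_id: Optional[int], requested_id: int) -> Response:
    """VULNERABLE: the handler trusts the id taken from the URL.

    The only check is "is someone logged in?", so user1 (id 1) can read
    /profile/2 by editing the path; the session identity is never compared
    with the record being fetched.
    """
    if session_user_id not in PROFILES:
        return Response(401)
    profile = PROFILES.get(requested_id)
    return Response(200, profile) if profile else Response(404)


def profile_secure(session_user_id: Optional[int], requested_id: int) -> Response:
    """FIXED: authorize the (subject, object) pair on every request.

    The owner of the record or an admin may read it; anyone else gets 403.
    The decision uses the server-side session identity, not anything the
    client supplied, and it runs before the existence check so a non-owner
    cannot enumerate which ids exist from 403-versus-404 differences.
    """
    actor = PROFILES.get(session_user_id)
    if actor is None:
        return Response(401)
    if requested_id != session_user_id and actor["role"] != "admin":
        return Response(403)
    profile = PROFILES.get(requested_id)
    return Response(200, profile) if profile else Response(404)


if __name__ == "__main__":
    print("vulnerable, user1 -> /profile/2:", profile_vulnerable(1, 2))  # 200 + user2 data
    print("secure,     user1 -> /profile/2:", profile_secure(1, 2))      # 403
    print("secure,     admin -> /profile/2:", profile_secure(3, 2))      # 200
```

The same pattern applies to every object-by-id route (comments, orders, files): the authorization check belongs next to the data access, and it compares the session's user against the record's owner rather than trusting the path parameter.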

๐Ÿ“ Project Structure

vulnerability-playground/
│
├── app.py                # Main Flask application
├── init_db.py            # Database initialization script
├── requirements.txt      # Python dependencies
├── README.md             # This file
│
├── templates/            # HTML templates
│   ├── base.html
│   ├── index.html
│   ├── login.html
│   ├── comments.html
│   ├── profile.html
│   ├── admin_login.html
│   └── dashboard.html
│
├── static/               # Static files
│   ├── css/
│   │   └── style.css
│   └── js/
│       └── main.js
│
├── docs/                 # Documentation
│   ├── README.md
│   ├── ARCHITECTURE.md
│   ├── EXPLOITATION_GUIDE.md
│   └── DEMO_WALKTHROUGH.md
│
└── database/             # SQLite database (generated)
    └── vulnerable.db

🔒 Security Considerations

⚠️ IMPORTANT: This application is intentionally vulnerable and should:

  • NEVER be deployed to a production environment
  • NEVER be exposed to the public internet
  • ONLY be used in isolated, local development environments (keep the Flask development server on its default loopback address, 127.0.0.1; do not start it with host='0.0.0.0' or put it behind a port forward)
  • ONLY be used for educational and training purposes

🎓 Learning Objectives

After working with this project, you should understand:

  1. How common web vulnerabilities work
  2. The impact of insecure coding practices
  3. Proper remediation techniques
  4. Secure coding best practices
  5. The importance of input validation and output encoding
  6. Proper authentication and authorization implementation

๐Ÿค Contributing

Contributions are welcome! Feel free to:

  • Add new vulnerability examples
  • Improve documentation
  • Enhance the UI/UX
  • Fix bugs

Please submit a pull request with a clear description of your changes. See CONTRIBUTING.md for guidelines.

๐Ÿ“ License

This project is licensed under the MIT License - see the LICENSE file for details.

👤 Author

Christian Paul Cabrera

๐Ÿ™ Acknowledgments

  • OWASP Top 10 Project
  • Flask Documentation
  • Web Security Community

📚 Additional Resources

📖 Documentation

For detailed documentation, see the docs/ directory:


โญ If you find this project helpful for learning web security, please consider giving it a star!
