LKWA – Lesser Known Web Attack Lab

Click the icon to Follow me:- twitterTelegramRedditDiscord
LKWA 1 lkwa

Lesser Known Web Attack Lab is for intermediate pentester that can test and practice lesser known web attacks such as Object Injection, XSSI, PHAR Deserialization, variables variable ..etc. Write-ups are welcome.

Just clone the git with git clone and move it to your web server and you are good to go.

Current Vulns

  • Blind RCE
  • XSSI
  • PHAR Deserialization
  • PHP Object Injection
  • PHP Object Injection via Cookies
  • PHP Object Injection (Object Reference)
  • SSRF
  • Variables variable
Download LKWA
Original Source
Available for Amazon Prime