LKWA – Lesser Known Web Attack Lab

January 7, 2020
LKWA 1 lkwa

Lesser Known Web Attack Lab is for intermediate pentester that can test and practice lesser known web attacks such as Object Injection, XSSI, PHAR Deserialization, variables variable ..etc. Write-ups are welcome.

Installation
Just clone the git with git clone https://github.com/weev3/LKWA and move it to your web server and you are good to go.

Current Vulns

  • Blind RCE
  • XSSI
  • PHAR Deserialization
  • PHP Object Injection
  • PHP Object Injection via Cookies
  • PHP Object Injection (Object Reference)
  • SSRF
  • Variables variable
Download LKWA
Original Source
Tags: , , , ,

You may have missed

Sliver C2

Sliver C2 Detected – 135[.]181[.]205[.]15:31337

May 8, 2024
covenant

CovenantC2 Detected – 45[.]41[.]187[.]220:7443

May 8, 2024
CISA Logo

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

May 8, 2024
CISA Logo

CISA: CISA Releases Eight Industrial Control Systems Advisories

May 8, 2024
CISA Logo

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

May 8, 2024