Here is a collection of applications, tools and libraries developed by the CyLab team, that can be used to illustrate and experiment with different kinds of vulnerabilities.
A web application that can be hacked using a brute force attack.
A minimal Linux image that allows to clone and restore disk images over the network. It is made to boot from the network (using PXE). This allows to quickly restore an image on multiple computers, like a classroom for example...
A tool to deploy VMs with Docker containers using Vagrant and VirtualBox.
A simple brute-force login cracker written in Python.
A webterminal that allows to run dokos password cracking tool.
A simple web application, that will reveal a secret code if you query using a command line tool like netcat, telnet or simpletcpclient.
Examples and tutorials to get started with the P4 programming language
Runs a webserver that allows to download a customized PCAP file. The PCAP contains a capture of a HTTP login process, with a password injected from an environment variable.
A very simple login form, can be used to demonstrate how POST requests work, or to organize a network sniffing lab.
A simple interactive TCP client written in Python. Simple TCP client can be used to test or illustrate the working of TCP based applications.
A web application that can be hacked using SQL injection attack. The app uses a MySQL database and parameters are sent using a GET request.
A web application that can be hacked using SQL injection attack. The app uses a MySQL database.
A web application that can be hacked using SQL injection attack. The app uses nice URL's.
A web application that can be hacked using SQL injection attack. The app uses a SQLite database.
A vulnerable web application suffering from unrestricted file upload