This repository contains three security testing labs focused on different aspects of web application security:
- Authentication Testing Lab
- Identity Management Testing Lab
- XSS (Cross-Site Scripting) Testing Lab

Before starting the labs, ensure you have the following installed:
- Docker
- Docker Compose
- Git

Located in auth-testing-lab/, this lab focuses on testing various authentication mechanisms.

```bash
cd auth-testing-lab
sudo docker compose up --build
```

The application will be available at http://localhost:5000

Located in identity_management_testing/, this lab focuses on testing user identity and access management features.

```bash
cd identity_management_testing
sudo docker compose up --build
```

The application will be available at http://localhost:3000

Located in xss/, this lab focuses on testing Cross-Site Scripting vulnerabilities.

```bash
cd xss
sudo docker compose up --build
```

The application will be available at http://localhost:8080

Authentication Testing Lab:
- Flask-based web application
- Features multiple authentication scenarios
- Includes password reset and change functionality
- Admin dashboard access control testing

Identity Management Testing Lab:
- Next.js based application
- User role management
- Lab booking system
- API authentication testing
- Access control testing

XSS Testing Lab:
- PHP-based application
- Comment system for XSS testing
- Various XSS vulnerability scenarios

Notes:
- Each lab runs in its own Docker container to prevent interference
- Make sure to stop running containers before switching between labs
- Use `docker compose down` to stop and remove containers when done
- Check individual lab directories for specific testing instructions