Vulnerable Client-Server Application
Vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface).
Currently the vulnerable application contains the following challenges:
- Buffer Over-read (simulated)
- Command Execution
- SQL Injection
- Horizontal Access Control
- Vertical Access Control
Solutions for these challenges using open-source tool PETEP can be found on the following YouTube playlist.
VuCSA can be downloaded from GitHub releases:
GitHub: VuCSA GitHub