Share
## https://sploitus.com/exploit?id=D02021B3-39B3-5D9C-93E1-92F21BD89636
# Hacker Man - Vulnerable Web Applications Lab

A collection of intentionally vulnerable web applications for learning and practicing web security testing.

## Projects

### 01 - Botijão (vuln-gallery)
An image gallery application with multiple security vulnerabilities including:
- SQL Injection
- XSS (Cross-Site Scripting)
- IDOR (Insecure Direct Object Reference)
- File Upload vulnerabilities
- Authentication bypass

### 02 - Garrafada (vuln-lab)
A security challenges platform featuring:
- Prototype Pollution
- DOM Clobbering
- PostMessage vulnerabilities
- SQL Injection
- CSRF (Cross-Site Request Forgery)
- XSS (Cross-Site Scripting)

## Requirements

- Docker
- Docker Compose

## Quick Start

Each project has its own directory with a `docker-compose.yml` file:

```bash
# Run vuln-gallery
cd "01 - botijão/vuln-gallery"
docker-compose up

# Run vuln-lab
cd "02 - garrafada/vuln-lab"
docker-compose up
```

## Disclaimer

These applications are intentionally vulnerable and should only be used in isolated environments for educational purposes. Never deploy these applications on public networks or production servers.

## License

For educational use only.