## https://sploitus.com/exploit?id=D02021B3-39B3-5D9C-93E1-92F21BD89636
# Hacker Man - Vulnerable Web Applications Lab
A collection of intentionally vulnerable web applications for learning and practicing web security testing.
## Projects
### 01 - Botijão (vuln-gallery)
An image gallery application with multiple security vulnerabilities including:
- SQL Injection
- XSS (Cross-Site Scripting)
- IDOR (Insecure Direct Object Reference)
- File Upload vulnerabilities
- Authentication bypass
### 02 - Garrafada (vuln-lab)
A security challenges platform featuring:
- Prototype Pollution
- DOM Clobbering
- PostMessage vulnerabilities
- SQL Injection
- CSRF (Cross-Site Request Forgery)
- XSS (Cross-Site Scripting)
## Requirements
- Docker
- Docker Compose
## Quick Start
Each project has its own directory with a `docker-compose.yml` file:
```bash
# Run vuln-gallery
cd "01 - botijão/vuln-gallery"
docker-compose up
# Run vuln-lab
cd "02 - garrafada/vuln-lab"
docker-compose up
```
## Disclaimer
These applications are intentionally vulnerable and should only be used in isolated environments for educational purposes. Never deploy these applications on public networks or production servers.
## License
For educational use only.