Skip to content
Snippets Groups Projects
Select Git revision
  • main default protected
  • 1.0.3
  • 1.0.2
  • 1.0.1
  • 1.0.0
5 results
Compare
Name Last commit Last update
public
.gitlab-ci.yml
Dockerfile
LICENSE
README.md
brute-force-matrix.png
docker-compose.yml
try-in-play-with-docker-blue.svg
README.md

Brute Force

pipeline status Latest Release Try in PwD

Brute Force

A web application that can be hacked using a brute force attack:

  • there is a login form
  • user has a weak password
  • there is no rate limitation for login attempts

Try in Play with Docker

Try in PwD

Run with docker-compose

Easiest way to run the vulnerable app is using docker-compose:

mkdir brute-force-matrix
cd brute-force-matrix
curl -o docker-compose.yml https://gitlab.cylab.be/cylab/play/brute-force-matrix/-/raw/main/docker-compose.yml
docker-compose up

After a few seconds, the app will be available at http://127.0.0.1:8000

Run with Docker

docker run -p 8000:80 gitlab.cylab.be:8081/cylab/play/brute-force-matrix

Testing locally

You can use PHP built-in webserver to test locally:

git clone https://gitlab.cylab.be/cylab/play/brute-force-matrix.git
cd brute-force-matrix/public
php -S localhost:8000