yevh/VulnPlanet

Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)

• Do you have a great vulnerable code example? Open a PR ♥️

Explore AI-driven CVE search

• https://vulnplanet.com/

Structure 📚

CVE 💡

• Top exploitable 2020-2022
  • Log4Shell
  • Spring4Shell
  • Follina
  • ProxyNotShell
  • ZeroLogon

Web2 🕸

• OWASP Top-10 2021

  • A01 - Broken Access Control
  • A02 - Cryptographic Failures
  • A03 - Injection
  • A04 - Insecure Design
  • A05 - Security Misconfiguration
  • [A06 - Vulnerable and Outdated Components]
  • [A07 - Identification and Authentication Failures]
  • [A08 - Software and Data Integrity Failures]
  • [A09 - Security Logging and Monitoring Failures]
  • [A10 - Server-Side Request Forgery]

• Per vulnerability

  • SQL Injection
  • NoSQL Injection
  • LDAP Injection
  • XSS
  • SSTI
  • XXE
  • SSRF
  • CSRF
  • Code Execution
  • Code Injection
  • Command Injection
  • XPATH Injection
  • Insecure Deserialization
  • Authentication Bypass
  • Broken Access Control
  • IDOR
  • Directory traversal
  • Prototype Pollution
  • Insecure File Uploads
  • Buffer Overflow
  • Integer Overflow
  • Denial Of Service
  • Sensitive Data Exposure
  • Improper Error Handling
  • Race Condition

API ⚕

• OWASP API Security Top-10 2019
  • API1 - Broken Object Level Authorization
  • API2 - Broken User Authentication
  • API3 - Excessive Data Exposure
  • API4 - Lack of Resources & Rate Limiting
  • API5 - Broken Function Level Authorization
  • API6 - Mass Assignment
  • API7 - Security Misconfiguration
  • API8 - Injection
  • API9 - Improper Assets Management
  • API10 - Insufficient Logging & Monitoring

Web3 █

• Per vulnerability
  • Reentrancy
  • Broken Access Control
  • Arithmetic Issues
  • Silent failing sends
  • Denial of Service
  • Bad Randomness
  • Front-Running
  • Time manipulation
  • Short Address Attack

Mobile 📱

• OWASP Top 10 Mobile 2016
  • M1: Improper Platform Usage
  • M2: Insecure Data Storage
  • M3: Insecure Communication
  • M4: Insecure Authentication
  • M5: Insufficient Cryptography
  • M6: Insecure Authorization
  • M7: Client Code Quality
  • M8: Code Tampering
  • M9: Reverse Engineering
  • M10: Extraneous Functionality

Infrastructure-as-Code (IaC) ☁

• Per vulnerability
  • Ingress from public internet
  • Access keys for the root is present
  • Load balancer does not use HTTPS
  • Token is not required for instance IMDS access
  • Root block device is not encrypted
  • IAM policy use of wildcard
  • Load balancer is not drop invalid headers
  • Load balancer is exposed publicly
  • Subnet associates public IP address
  • S3 Access block should block public ACL
  • S3 Access block should block public policy
  • Unencrypted S3 bucket
  • CMK is not used for S3 encryption
  • VPC Flow Logs is not enabled for VPC
  • Bucket does not have logging enabled
  • Bucket does not have versioning enabled
  • Instance has very low backup retention period
  • Log group is not encrypted
  • Cluster does not have container insights enabled
  • Security group rule does not have a description

Contact 📧

All suggestions write to [email protected]