Security of Web Applications: Project OWASP

This project was about creating a vulnerable application by introducing the top 10 OWASP 2017 vulnerabilities.

This repositories contains three websites :

The vulnerable website in the folder insecureWebsite.
The "fixed" website in the folder secureWebsite.
A "support" malicious website used to intercept data in the folder hackerWebsite.

Getting Started

Copy all files to your web server directory
Right-click on WAMP icon in the taskbar -> Tools -> Command Prompt -> MYSQL/bin
1. Type mysql.exe -uroot in the command prompt and press enter
2. Type the following SQL commands :
- CREATE DATABASE owasp;
- GRANT ALL ON *.* TO 'root'@'%';
Go to "http://my_web_server/insecureWebsite/install.php"
- This script will setup the database for you
Go to "http://my_web_server/insecureWebsite/index.php"
- You should be able to login with admin as login and Azertyuiop09 as password
- You should be able to login with alice as login and Azertyuiop09 as password
- You should be able to login with bob as login and password as password

Name		Name	Last commit message	Last commit date
Latest commit History 68 Commits
hackerWebsite		hackerWebsite
insecureWebsite		insecureWebsite
secureWebsite		secureWebsite
.gitignore		.gitignore
README.md		README.md
Rapport CANCELA VAZ - ROUSSEAU - MELKONIAN.pdf		Rapport CANCELA VAZ - ROUSSEAU - MELKONIAN.pdf