Vulnerable Environments
Browse our collection of pre-built vulnerable environments for security research and education. Each environment is containerized with Docker and comes with detailed documentation.
40 Results in Auth Bypass
Apache Superset Hardcoded JWT Secret Key Leads to Authentication Bypass
Explore the Apache Superset Hardcoded JWT Secret Key Leads to Authentication Bypass vulnerability and learn how to exploit it.
Next.js Middleware Authorization Bypass
Explore the Next.js Middleware Authorization Bypass vulnerability and learn how to exploit it.
Apache HugeGraph JWT Token Secret Hardcoding Leads to Authentication Bypass
Explore the Apache HugeGraph JWT Token Secret Hardcoding Leads to Authentication Bypass vulnerability and learn how to exploit it.
Apache OFBiz Authentication Bypass Leads to RCE
Explore the Apache OFBiz Authentication Bypass Leads to RCE vulnerability and learn how to exploit it.
Apache OFBiz Authentication Bypass Leads to RCE
Explore the Apache OFBiz Authentication Bypass Leads to RCE vulnerability and learn how to exploit it.
Alibaba Nacos Authentication Bypass and Remote Code Execution
Explore the Alibaba Nacos Authentication Bypass and Remote Code Execution vulnerability and learn how to exploit it.
AJ-Report Authentication Bypass and Remote Code Execution
Explore the AJ-Report Authentication Bypass and Remote Code Execution vulnerability and learn how to exploit it.
Jetbrains TeamCity Authentication Bypass and Remote Command Execution
Explore the Jetbrains TeamCity Authentication Bypass and Remote Command Execution vulnerability and learn how to exploit it.
Apache OFBiz Authentication Bypass Leads to RCE
Explore the Apache OFBiz Authentication Bypass Leads to RCE vulnerability and learn how to exploit it.
Atlassian Confluence Access Control Broken by Attributes Overwrite
Explore the Atlassian Confluence Access Control Broken by Attributes Overwrite vulnerability and learn how to exploit it.
Jumpserver random seed leakage and account takeover
Explore the Jumpserver random seed leakage and account takeover vulnerability and learn how to exploit it.
Openfire Management Background Authentication Bypass
Explore the Openfire Management Background Authentication Bypass vulnerability and learn how to exploit it.
Joomla 4.2.7 Permission Bypass
Explore the Joomla 4.2.7 Permission Bypass vulnerability and learn how to exploit it.
Apache Shiro Authentication Bypass
Explore the Apache Shiro Authentication Bypass vulnerability and learn how to exploit it.
InfluxDB Empty JWT Secret Key Authentication Bypass
Explore the InfluxDB Empty JWT Secret Key Authentication Bypass vulnerability and learn how to exploit it.
Apache APISIX Dashboard API Permission Bypass to RCE
Explore the Apache APISIX Dashboard API Permission Bypass to RCE vulnerability and learn how to exploit it.
Spring Security Authorization Bypass in RegexRequestMatcher
Explore the Spring Security Authorization Bypass in RegexRequestMatcher vulnerability and learn how to exploit it.
Apache Airflow Permission Bypass
Explore the Apache Airflow Permission Bypass vulnerability and learn how to exploit it.
Nacos Authentication Bypass
Explore the Nacos Authentication Bypass vulnerability and learn how to exploit it.
Celery <4.0 Redis Unauthorized Access and Pickle Deserialization
Explore the Celery <4.0 Redis Unauthorized Access and Pickle Deserialization vulnerability and learn how to exploit it.
Apache Shiro Authentication Bypass
Explore the Apache Shiro Authentication Bypass vulnerability and learn how to exploit it.
ntopng Permission Bypass
Explore the ntopng Permission Bypass vulnerability and learn how to exploit it.
Tiki Wiki CMS Groupware Authentication Bypass
Explore the Tiki Wiki CMS Groupware Authentication Bypass vulnerability and learn how to exploit it.
PHP-FPM FastCGI Unauthorized Access Leads to Remote Code Execution
Explore the PHP-FPM FastCGI Unauthorized Access Leads to Remote Code Execution vulnerability and learn how to exploit it.
XXL-JOB Executor Unauthorized Access
Explore the XXL-JOB Executor Unauthorized Access vulnerability and learn how to exploit it.
H2 Database Console Unauthorized Access
Explore the H2 Database Console Unauthorized Access vulnerability and learn how to exploit it.
Apache Tomcat AJP Bug
Explore the Apache Tomcat AJP Bug vulnerability and learn how to exploit it.
Scrapyd Unauthorized Access
Explore the Scrapyd Unauthorized Access vulnerability and learn how to exploit it.
AppWeb Authentication Bypass
Explore the AppWeb Authentication Bypass vulnerability and learn how to exploit it.
uWSGI Unauthorized Access
Explore the uWSGI Unauthorized Access vulnerability and learn how to exploit it.
Gogs Session Overwrite and Arbitrary User Forge
Explore the Gogs Session Overwrite and Arbitrary User Forge vulnerability and learn how to exploit it.
libssh Server-side Authentication Bypass
Explore the libssh Server-side Authentication Bypass vulnerability and learn how to exploit it.
Apache Spark Unauthorized Access Leads to Remote Code Execution
Explore the Apache Spark Unauthorized Access Leads to Remote Code Execution vulnerability and learn how to exploit it.
Docker Remote API Unauthorized Access Leads to Remote Code Execution
Explore the Docker Remote API Unauthorized Access Leads to Remote Code Execution vulnerability and learn how to exploit it.
MySQL Authentication Bypass
Explore the MySQL Authentication Bypass vulnerability and learn how to exploit it.
Hadoop YARN ResourceManager Unauthorized Access
Explore the Hadoop YARN ResourceManager Unauthorized Access vulnerability and learn how to exploit it.
Rsync Unauthorized Access
Explore the Rsync Unauthorized Access vulnerability and learn how to exploit it.
Jupyter Notebook Unauthorized Access
Explore the Jupyter Notebook Unauthorized Access vulnerability and learn how to exploit it.
CouchDB Vertical Permission Bypass
Explore the CouchDB Vertical Permission Bypass vulnerability and learn how to exploit it.
Tomcat Weak Password
Explore the Tomcat Weak Password vulnerability and learn how to exploit it.