HypeJab is a deliberately vulnerable web application intended for benchmarking automated scanners.
git clone https://github.com/ricekot/hypejab.git
cd hypejab
docker-compose up- Host Header Injection
- Apache Tomcat Ghostcat CVE 2020-1938
- Hidden File Sample
- JSP Samples Page
- Exposed Panels - CrushFTP
- Default Admin Login - Apache Axis2
- Publicly accessible phpinfo & php configuration files
- Unauthenticated Gitlab SSRF CVE 2021-22214 Demonstration
- Software Versions List
- Wordpress Username Enumeration
- Drupal Username Enumeration
- Magento Cacheleak
- SSRF - Parameter Based
- Magento Config File
- Magento Downloader
- Swagger Config File
- Wordpress Debugger
- AWStats Script
- API Key Scanner
- Database Connection String
- MySQL Username Disclosure
- 403 Bypass
- Firebase Database Unauthorized Access
- Base Tag Hijacking
- Magento API Anonymous Access
- Out-of-Band XXE
- Apache Cassandra Unauthorized Access
- Laravel Ignition Reflected XSS
- S3 Bucket Publicly Accessible
- Arbitrary File Read Next.js
- Chrome Logger Information Disclosure
- Apache Tomcat Examples Directory
- Merurial Repository Found
- Flask Debug Mode
- Drupal backup_migrate
- Log4j RCE