Lekir Framework
  • Introduction
  • Important information
  • Setup
    • Github
    • VM Image
    • Docker
  • System
    • Dashboard
    • Vulnerability
    • Tools
    • Compare Level
    • Settings
    • About
Powered by GitBook
On this page
  1. System

Vulnerability

Vulnerability Simulations Offered on LEKIR:

  1. SQL Injection: - Multilevel

    • Simulates SQL injection vulnerabilities where attackers can manipulate SQL queries to access or modify database information.

  2. SQL Injection Blind: - Multilevel

    • Demonstrates blind SQL injection vulnerabilities where attackers exploit SQL injection without receiving direct responses from the application.

  3. Local File Inclusion (LFI): - Multilevel

    • Provides scenarios to exploit local file inclusion vulnerabilities, allowing attackers to include and execute files on the server.

  4. Command Injection: - Multilevel

    • Simulates command injection vulnerabilities where attackers execute arbitrary system commands on the server via vulnerable input fields.

  5. File Upload: - Multilevel

    • Offers challenges to exploit insecure file upload functionalities, allowing attackers to upload and execute malicious files on the server.

  6. Cross-Site Scripting (XSS): - Multilevel

    • Includes reflected, stored, and DOM-based XSS vulnerabilities, showcasing different ways attackers can inject and execute malicious scripts in web applications.

  7. PHP Type Juggling:

    • Demonstrates PHP type juggling vulnerabilities where attackers manipulate data types to bypass authentication or perform unauthorized actions.

  8. JWT Weak Token:

    • Explores weaknesses in JSON Web Tokens (JWT), showcasing scenarios where attackers can forge or tamper with tokens to gain unauthorized access.

  9. Arbitrary File Download:

    • Provides challenges to exploit arbitrary file download vulnerabilities, allowing attackers to access sensitive files stored on the server.

  10. Insecure Direct Object References (IDOR):

    • Simulates IDOR vulnerabilities where attackers manipulate object references to access unauthorized resources or data.

  11. Remote Code Execution (RCE):

    • Offers scenarios to exploit remote code execution vulnerabilities, allowing attackers to execute arbitrary code on the server.

  12. Expose git directory

    • Offers scenarios to expose git folder vulnerabilies, allowing attackers to download source code.

These vulnerability simulations offered on LEKIR provide users with hands-on experience in identifying, exploiting, and mitigating various security vulnerabilities commonly found in web applications. Users can learn about attack techniques and defense strategies in a safe and controlled environment.

PreviousDashboardNextTools

Last updated 1 year ago