initial commit
nana committed Oct 27, 2023
0 parents commit c52a763
Showing 211 changed files with 15,058 additions and 0 deletions.
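--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@@ -0,0 +1,98 @@
+{
+"files": [
+"README.md"
+],
+"imageSize": 100,
+"commit": false,
+"contributors": [
+{
+"login": "pwned-17",
+"name": "pwned-17",
+"avatar_url": "https://avatars.githubusercontent.com/u/61360833?v=4",
+"profile": "https://github.com/pwned-17",
+"contributions": [
+"code"
+]
+},
+{
+"login": "prince-7",
+"name": "Aman Singh",
+"avatar_url": "https://avatars.githubusercontent.com/u/53997924?v=4",
+"profile": "https://github.com/prince-7",
+"contributions": [
+"code"
+]
+},
+{
+"login": "adeyosemanputra",
+"name": "adeyosemanputra",
+"avatar_url": "https://avatars.githubusercontent.com/u/24958168?v=4",
+"profile": "https://github.com/adeyosemanputra",
+"contributions": [
+"code",
+"doc"
+]
+},
+{
+"login": "gaurav618618",
+"name": "gaurav618618",
+"avatar_url": "https://avatars.githubusercontent.com/u/29380890?v=4",
+"profile": "https://github.com/gaurav618618",
+"contributions": [
+"code",
+"doc"
+]
+},
+{
+"login": "kUSHAL0601",
+"name": "MajAK",
+"avatar_url": "https://avatars.githubusercontent.com/u/29600964?v=4",
+"profile": "https://github.com/kUSHAL0601",
+"contributions": [
+"code"
+]
+},
+{
+"login": "JustinDPerkins",
+"name": "JustinPerkins",
+"avatar_url": "https://avatars.githubusercontent.com/u/60413733?v=4",
+"profile": "https://github.com/JustinDPerkins",
+"contributions": [
+"code"
+]
+},
+{
+"login": "Hkakashi",
+"name": "Liu Peng",
+"avatar_url": "https://avatars.githubusercontent.com/u/43193113?v=4",
+"profile": "https://github.com/Hkakashi",
+"contributions": [
+"code"
+]
+},
+{
+"login": "RupakBiswas-2304",
+"name": "Metaphor",
+"avatar_url": "https://avatars.githubusercontent.com/u/75058161?v=4",
+"profile": "https://github.com/RupakBiswas-2304",
+"contributions": [
+"code"
+]
+},
+{
+"login": "whokilleddb",
+"name": "whokilleddb",
+"avatar_url": "https://avatars.githubusercontent.com/u/56482137?v=4",
+"profile": "https://whokilleddb.github.io",
+"contributions": [
+"code"
+]
+}
+],
+"contributorsPerLine": 7,
+"projectName": "pygoat",
+"projectOwner": "adeyosemanputra",
+"repoType": "github",
+"repoHost": "https://github.com",
+"skipCi": true
+}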
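--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,9 @@
+.env/
+*.pyc
+env
+pygoat/db.sqlite3
+venv
+*.sqlite3
+*db.sqlite3*
+app.log
+bin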
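Review bot: The `.env/` entry ends in a slash, so it ignores only a directory of that name; a dotenv file called `.env` would still be tracked and could carry a secret key or database credentials into the repository. If the project reads settings from such a file (not visible on this page), add a plain `.env` line next to the directory pattern.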
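--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -0,0 +1,3 @@
+{
+"python.formatting.provider": "yapf"
+}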
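--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,34 @@
+FROM python:3.11.0b1-buster
+
+# set work directory
+WORKDIR /app
+
+
+# dependencies for psycopg2
+RUN apt-get update && apt-get install --no-install-recommends -y dnsutils=1:9.11.5.P4+dfsg-5.1+deb10u9 libpq-dev=11.16-0+deb10u1 python3-dev=3.7.3-1 \
+&& apt-get clean \
+&& rm -rf /var/lib/apt/lists/*
+
+
+# Set environment variables
+ENV PYTHONDONTWRITEBYTECODE 1
+ENV PYTHONUNBUFFERED 1
+
+
+# Install dependencies
+RUN python -m pip install --no-cache-dir pip==22.0.4
+COPY requirements.txt requirements.txt
+RUN pip install --no-cache-dir -r requirements.txt
+
+
+# copy project
+COPY . /app/
+
+
+# install pygoat
+EXPOSE 8000
+
+
+RUN python3 /app/manage.py migrate
+WORKDIR /app/pygoat/
+CMD ["gunicorn", "--bind", "0.0.0.0:8000", "--workers","6", "pygoat.wsgi"]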
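Review bot: The image has no `USER` instruction, so gunicorn and the intentionally vulnerable Django app behind it run as root inside the container, which widens the impact of any lab that reaches code execution. After the `migrate` step, add `RUN useradd --system --uid 10001 --home /app pygoat && chown -R pygoat /app` and `USER pygoat` before `CMD`; the chown keeps the database file created by `migrate` writable, assuming it lives under /app. The base `python:3.11.0b1-buster` is a pre-release interpreter on Debian buster, and the exact apt pins such as `libpq-dev=11.16-0+deb10u1` are likely to stop resolving as the archive moves on, so a current release `-slim` tag pinned by digest would be more reproducible. `COPY . /app/` copies the whole build context, so a `.dockerignore` (none is visible on this page) should exclude `.git`, local virtualenvs and any `*.sqlite3` file.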
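--- a/Procfile
+++ b/Procfile
@@ -0,0 +1 @@
+web: gunicorn pygoat.wsgi --log-file -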
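--- a/PyGoatBot.py
+++ b/PyGoatBot.py
@@ -0,0 +1,64 @@
+from chatterbot import ChatBot
+from chatterbot.trainers import ListTrainer
+from chatterbot.logic import BestMatch
+
+# Dataset generated by ChatGPT
+training_data = [
+'What is OWASP PyGoat?',
+'OWASP PyGoat is an intentionally vulnerable web application used for learning web security testing.',
+'Why should I learn web security testing?',
+'Learning web security testing can help you understand how to identify and prevent web application attacks.',
+'What types of vulnerabilities can PyGoat help me learn about?',
+'PyGoat can help you learn about various types of web application vulnerabilities, including injection attacks, cross-site scripting (XSS), and broken authentication and session management.',
+'How can I use PyGoat to learn web security testing?',
+'PyGoat includes a series of lessons and challenges designed to teach you about web security testing techniques and common vulnerabilities.',
+'Is PyGoat suitable for beginners?',
+'Yes, PyGoat is designed to be accessible to beginners and experienced professionals alike.',
+'Where can I download PyGoat?',
+'You can download PyGoat from the official GitHub repository at https://github.com/OWASP/PyGoat',
+'Are there any resources available to help me get started with PyGoat?',
+'Yes, the PyGoat documentation includes a Getting Started guide and a list of additional resources to help you learn about web security testing.',
+'Can I contribute to PyGoat?',
+'Yes, PyGoat is an open-source project and welcomes contributions from anyone interested in improving the application.',
+]
+
+chatbot = ChatBot(
+"PyGoatBot",
+storage_adapter="chatterbot.storage.SQLStorageAdapter",
+database_uri="sqlite:///database.sqlite3",
+logic_adapters=[
+{
+"import_path": "chatterbot.logic.BestMatch",
+"default_response": "I'm sorry, I'm not sure",
+"maximum_similarity_threshold": 0.80,
+}
+],
+)
+
+trainer = ListTrainer(chatbot)
+trainer.train(training_data)
+
+print("Welcome to PyGoatBot! Type 'q' or 'exit' to quit.")
+while True:
+try:
+user_input = input("You: ")
+if user_input.lower() == "exit" or user_input.lower() == "q":
+break
+
+print("Available questions:")
+for i, question in enumerate(training_data[::2], start=1):
+print(f"{i}. {question}")
+
+while True:
+try:
+question_index = int(input("Enter a number to select a question: "))
+break
+except ValueError:
+print("Please enter a valid number.")
+
+question = training_data[(question_index - 1) * 2]
+response = chatbot.get_response(question)
+print(f"PyGoatBot: {response}")
+
+except (KeyboardInterrupt, EOFError):
+break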
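Review bot: The selected number is never range-checked before `training_data[(question_index - 1) * 2]`: a value above 8 raises an `IndexError` that the outer handler does not catch (it covers only `KeyboardInterrupt` and `EOFError`), and 0 or a small negative value silently wraps around to a question counted from the end of the list. In the inner loop, accept the value only when it is in range, e.g. replace the bare `break` with `if 1 <= question_index <= len(training_data) // 2: break` followed by `print("Please enter a valid number.")`. The first `input("You: ")` is compared only with the exit words and is otherwise discarded, and the `BestMatch` import is unused. Indentation is lost in this rendering, so the loop nesting described here is inferred from the statement order.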
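--- a/README.md
+++ b/README.md
@@ -0,0 +1,128 @@
+# PyGoat
+<!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section -->
+[![All Contributors](https://img.shields.io/badge/all_contributors-9-orange.svg?style=flat-square)](#contributors-)
+<!-- ALL-CONTRIBUTORS-BADGE:END -->
+
+intentionally vuln web Application Security in django.
+our roadmap build intentionally vuln web Application in django. The Vulnerability can based on OWASP top ten
+<br>
+
+Table of Contents
+=================
+
+* [pygoat](#pygoat)
+* [Installation](#installation)
+* [From Sources](#from-sources)
+* [Docker Container](#docker-container)
+* [Installation Video](#installation-video)
+* [Uninstallation](#uninstallation)
+* [Solutions](/Solutions/solution.md)
+* [For Developers](/docs/dev_guide.md)
+
+## Installation
+
+### From Sources
+
+To setup the project on your local machine:
+<br>
+
+First, Clone the repository using GitHub website or git in Terminal
+```
+git clone https://github.com/adeyosemanputra/pygoat.git
+### To Download a specific branch
+git clone -b <branch_name> https://github.com/adeyosemanputra/pygoat.git
+```
+
+#### Method 1
+
+1. Install all app and python requirements using installer file - `bash installer.sh`
+2. Apply the migrations `python3 manage.py migrate`.<br>
+3. Finally, run the development server `python3 manage.py runserver`.<br>
+4. The project will be available at <http://127.0.0.1:8000>
+
+#### Method 2
+
+1. Install python3 requirements `pip install -r requirements.txt`.<br>
+2. Apply the migrations `python3 manage.py migrate`.<br>
+3. Finally, run the development server `python3 manage.py runserver`.<br>
+4. The project will be available at <http://127.0.0.1:8000>
+
+#### Method 3
+
+1. Install all app and python requirements using `setup.py` file - `pip3 install .`
+2. Apply the migrations `python3 manage.py migrate`.<br>
+3. Finally, run the development server `python3 manage.py runserver`.<br>
+4. The project will be available at <http://127.0.0.1:8000>
+
+### Docker Container
+1. Install [Docker](https://www.docker.com)
+2. Run `docker pull pygoat/pygoat` or `docker pull pygoat/pygoat:latest`
+3. Run `docker run --rm -p 8000:8000 pygoat/pygoat:latest`
+4. Browse to <http://127.0.0.1:8000>
+5. Remove existing image using `docker image rm pygoat/pygoat` and pull again incase of any error
+
+### From Docker-Compose
+1. Install [Docker](https://www.docker.com)
+2. Run `docker-compose up` or `docker-compose up -d`
+
+### Build Docker Image and Run
+1. Clone the repository &ensp; `git clone https://github.com/adeyosemanputra/pygoat.git`
+2. Build the docker image from Dockerfile using &ensp; `docker build -f Dockerfile -t pygoat .`
+3. Run the docker image &ensp;`docker run --rm -p 8000:8000 pygoat:latest`
+4. Browse to <http://127.0.0.1:8000> or <http://0.0.0.0:8000>
+
+### Installation video
+
+1. From Source using `installer.sh`
+- [Installing PyGoat from Source](https://www.youtube.com/watch?v=7bYBJXG3FRQ)
+2. Without using `installer.sh`
+- [![](http://img.youtube.com/vi/rfzQiMeiwso/0.jpg)](http://www.youtube.com/watch?v=rfzQiMeiwso "Installation Pygoat")
+
+## Uninstallation
+
+### On Debian/Ubuntu Based Systems
+- On Debian/Ubuntu based systems, you can use the `uninstaller.sh` script to uninstall `pygoat` along with all it's dependencies.
+- To uninstall `pygoat`, simply run:
+```bash
+$ bash ./uninstaller.sh
+```
+
+### On Other Systems
+- On other systems, you can use the `uninstaller.py` script to uninstall `pygoat` along with all it's dependencies
+- To uninstall `pygoat`, simply run:
+```bash
+$ python3 uninstaller.py
+```
+
+## Solutions
+<a href="/Solutions/solution.md">Solutions to all challenges</a>
+
+## Contributors ✨
+
+Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):
+
+<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-disable -->
+<table>
+<tr>
+<td align="center"><a href="https://github.com/pwned-17"><img src="https://avatars.githubusercontent.com/u/61360833?v=4?s=100" width="100px;" alt=""/><br /><sub><b>pwned-17</b></sub></a><br /><a href="https://github.com/adeyosemanputra/pygoat/commits?author=pwned-17" title="Code">💻</a></td>
+<td align="center"><a href="https://github.com/prince-7"><img src="https://avatars.githubusercontent.com/u/53997924?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Aman Singh</b></sub></a><br /><a href="https://github.com/adeyosemanputra/pygoat/commits?author=prince-7" title="Code">💻</a></td>
+<td align="center"><a href="https://github.com/adeyosemanputra"><img src="https://avatars.githubusercontent.com/u/24958168?v=4?s=100" width="100px;" alt=""/><br /><sub><b>adeyosemanputra</b></sub></a><br /><a href="https://github.com/adeyosemanputra/pygoat/commits?author=adeyosemanputra" title="Code">💻</a> <a href="https://github.com/adeyosemanputra/pygoat/commits?author=adeyosemanputra" title="Documentation">📖</a></td>
+<td align="center"><a href="https://github.com/gaurav618618"><img src="https://avatars.githubusercontent.com/u/29380890?v=4?s=100" width="100px;" alt=""/><br /><sub><b>gaurav618618</b></sub></a><br /><a href="https://github.com/adeyosemanputra/pygoat/commits?author=gaurav618618" title="Code">💻</a> <a href="https://github.com/adeyosemanputra/pygoat/commits?author=gaurav618618" title="Documentation">📖</a></td>
+<td align="center"><a href="https://github.com/kUSHAL0601"><img src="https://avatars.githubusercontent.com/u/29600964?v=4?s=100" width="100px;" alt=""/><br /><sub><b>MajAK</b></sub></a><br /><a href="https://github.com/adeyosemanputra/pygoat/commits?author=kUSHAL0601" title="Code">💻</a></td>
+<td align="center"><a href="https://github.com/JustinDPerkins"><img src="https://avatars.githubusercontent.com/u/60413733?v=4?s=100" width="100px;" alt=""/><br /><sub><b>JustinPerkins</b></sub></a><br /><a href="https://github.com/adeyosemanputra/pygoat/commits?author=JustinDPerkins" title="Code">💻</a></td>
+<td align="center"><a href="https://github.com/Hkakashi"><img src="https://avatars.githubusercontent.com/u/43193113?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Liu Peng</b></sub></a><br /><a href="https://github.com/adeyosemanputra/pygoat/commits?author=Hkakashi" title="Code">💻</a></td>
+</tr>
+<tr>
+<td align="center"><a href="https://github.com/RupakBiswas-2304"><img src="https://avatars.githubusercontent.com/u/75058161?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Metaphor</b></sub></a><br /><a href="https://github.com/adeyosemanputra/pygoat/commits?author=RupakBiswas-2304" title="Code">💻</a></td>
+<td align="center"><a href="https://whokilleddb.github.io"><img src="https://avatars.githubusercontent.com/u/56482137?v=4?s=100" width="100px;" alt=""/><br /><sub><b>whokilleddb</b></sub></a><br /><a href="https://github.com/adeyosemanputra/pygoat/commits?author=whokilleddb" title="Code">💻</a></td>
+</tr>
+</table>
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+
+<!-- ALL-CONTRIBUTORS-LIST:END -->
+
+This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!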
Binary file added Solutions/img/img4.png
Binary file added Solutions/img/pic1.png
Binary file added Solutions/img/pic2.png
Binary file added Solutions/img/pic3.png

0 comments on commit c52a763
