Skip to content

danielserbu/VulnerableFastAPI

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
Databases
Databases
 
 
postmanCollection
postmanCollection
 
 
templates
templates
 
 
uploads
uploads
 
 
.gitignore
.gitignore
 
 
DatabaseUtils.py
DatabaseUtils.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
__init__.py
__init__.py
 
 
apiServer.py
apiServer.py
 
 
decorators.py
decorators.py
 
 
lfiTest.txt
lfiTest.txt
 
 
requirements.txt
requirements.txt
 
 
users.py
users.py
 
 

Repository files navigation

VulnerableFastAPI

Description:

VulnerableFastAPI Python program developed for learning AppSec and Pynt (https://docs.pynt.io/documentation/intro/overview)

To Do:

1. Add more vulnerabilities

2. Add secure functions (as counter example for the vulnerable functions)

How to run

  1. Install prerequisites "pip install -r requirements.txt"
  2. Start API Server with following command "uvicorn apiServer:app --reload --host=127.0.0.1 --port=5151"
  3. Notes: --reload is for debugging purposes in FastAPI, and set up the port as you wish.
  4. Start local webserver for SSRF testing: "python3 -m http.server 5656" (In parallel with the API Server)
  5. Import Postman Collection from here https://github.com/danielserbu/VulnerableFastAPI/tree/main/postmanCollection
  6. Have Fun.

About

Project for learning API Development and AppSec

Topics

python python3 sqlite3 fastapi fastapi-template

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages