PyFlaGoat is a deliberately insecure Flask-based web application developed for experimenting with and developing features of the static application security testing (SAST) solution of Sparrow Co., Ltd. and for enhancing public cybersecurity education.
This web application explains OWASP Top 10 vulnerabilities, demonstrates each vulnerability with a demo for the user, and presents the corresponding mitigation strategies as enumerated by the OWASP Foundation.
- SQL Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entity
- Request Forgeries
- Broken Access Control
- Cross-Site Scripting
- Insecure Deserialization
- Client-Side Filtering
- Bypass Frontend
Developed during the Summer 2021 SWE internship @ Fasoo by Youngjun Yoo and Woohyun Jo.