A controlled environment for demonstrating and understanding buffer overflow vulnerabilities in web applications. This project is designed for educational purposes as part of secure software development training.
This project intentionally contains vulnerable code for educational purposes. Do not deploy in a production environment.
- Python 3.9
- Flask
- Docker & Docker Compose
- Threading for concurrent attack simulation
buffer-overflow-demo/
├── docker-compose.yml
├── exploit/
│ └── exploit.py
└── web/
├── Dockerfile
├── app.py
├── requirements.txt
└── templates/
└── index.html
- Docker
- Docker Compose
- Python 3.x (for running exploit scripts)
- pip (Python package manager)
- Clone the repository:
git clone https://github.com/0x4m4/buffer-overflow-lab.git
cd buffer-overflow-demo- Start the vulnerable web application:
docker-compose up --build- Install Python dependencies for the exploit script:
pip install requests- Run the exploit demonstration:
cd exploit
python exploit.py- Controlled buffer overflow demonstration
- Web interface for manual testing
- Automated exploit script
- Resource-limited containerized environment
- Concurrent attack simulation
- Normal input (within buffer size)
- Boundary case testing
- Slight overflow demonstration
- Medium overflow impact
- Aggressive crash testing
This application is intentionally vulnerable and should only be used in isolated, educational environments. The container includes security measures like:
- Resource limitations
- No privilege escalation
- Isolated network
- 0x4m4
- Website: www.0x4m4.com
This project is licensed under the MIT License - see the LICENSE file for details.
Contributions, issues, and feature requests are welcome! Feel free to check the issues page.