G0yG0y is a fucking vulnerable PHP/MySQL web application.
![Image of G0yG0y Home Page] (https://raw.githubusercontent.com/xsuperbug/g0yg0y/master/goygoy.png)
Make sure your database credentials are correct within g0ygoy.php
$d = "old"; //Database
$u = "root"; //Username
$p = ""; //Password
Click here for reset the database -> http://localhost/g0yg0y/setup.php
Default username = admin
Default password = admin
Default username = guest
Default password = guest
G0yg0y is designed to understand following security issues:
- Command Injection
- SQL Injection – Login Bypass
- SQL Injection – Insert
- SQL Injection – Error Based
- SQL Injection – Blind
- Reflected Cross Site Scripting
- Stored Cross Site Scripting
- DOM Based Cross Site Scripting
- Cross Site Request Forgery (CSRF)
- Missing Access Control
- Insecure Direct Object Reference (IDOR)
- Unrestricted File Upload
- Local File Inclusion
- Unvalidated Redirect & Forwards
- Session Issues