OWASP Vulnerable Container Hub

The OWASP Vulnerable Container Hub(VULCONHUB) is a project that provides:

• access to Dockerfile(or a similar Containerfile) along with files that are used to build the vulnerable container image
• documentation such as README that describes how to use the container, and optionally, a link to the image in the registry service such as Docker Hub or Quay.io, where a user can directly pull and run the container (on their own account).

The files provided in the repository allow users to build vulnerable container images, so that they can freely and safely learn, play, practice, and perform quick proof-of-concepts of CVE vulnerabilities or use them for preparation for their CTF challenges.

The ultimate goal of the project is to become the go-to reference to help anyone interested in security to share and maintain such useful container build files for security learning and practices.

Contributions

Contribution to the repository that contains container builds files is more than welcome!