Skip to content

WebSploit Labs

WebSploit Labs WebSploit Labs is a learning environment created by Omar Santos for different Cybersecurity Ethical Hacking, Bug Hunting, Incident Response, Digital Forensics, and Threat Hunting training sessions. WebSploit Labs includes several intentionally vulnerable applications running in Docker containers on top of Kali Linux or Parrot Security OS, several additional tools, and over 9,000 cybersecurity resources.

WebSploit Labs has been used by many colleges and universities in different countries. It comes with over 500 distinct exercises!

Setting Up Websploit Labs

Setting up WebSploit is extremely easy. It's just two easy steps.

STEP 1: Download Kali or Parrot

Download Kali or Parrot OS (your preference) and install any of those distributions in a VM. Use the hypervisor of your choice (e.g., VirtualBox, VMWare Workstation/Fusion, ESXi, KVM, Proxmox, etc.).

Minimum VM Requirements:

  • 8GB RAM
  • 2 vCPU
  • 50 GB HDD

STEP 2: Run the WebSploit Install Script

After you have installed Kali Linux, run the following command from a terminal window to setup your environment:

curl -sSL https://websploit.org/install.sh | sudo bash

This command will install all the tools, Docker, the intentionally vulnerable containers, and numerous cybersecurity resources.

Installing WebSploit Labs in Parrot OS and Kali Linux

Note about Apple Silicone Macs

WebSploit Labs is not supported in Apple Silicone (M1..M4) Macs due to compatibility issues with hypervisors and Docker.

Verifying the install.sh script

You can verify the install.sh script SHA-512 checksum here.

Vulnerable Applications

Vulnerable Applications