WebSploit2018: 1


  • Name: WebSploit2018: 1
  • Date release: 27 Jun 2018



Please remember that VulnHub is a free community resource so we are unable to check the machines that are provided to us. Before you download, please read our FAQs sections dealing with the dangers of running unknown VMs and our suggestions for "protecting yourself and your network. If you understand the risks, please download!


WebSploit2018.7z

(Size: 1.7GB)


WebSploit2018

Web Application Exploitation Environment

WebSploit2018 is a collection of vulnerable web applications packed in a virtual environment.

This VM is intended for those who want to:

  • Hack Web Applications in a controlled environment
  • Learn about Web Application security
  • Test automatic vulnerability scanners
  • Test and analyze source code

Unpack the VM and run it in your virtualization software. It gets an IP address via DHCP System Login: user:websploit2018 password:websploit2018

Before attacking this VM remotely, you should edit your Penetration Testing machine's hosts file(IP-websploit2018). Point your browser to http://websploit2018/

Happy WebApp hacking ;)





  • Filename: WebSploit2018.7z
  • File size: 1.7GB
  • MD5: 69665D15437BF779BA02A6451B73D8F6
  • SHA1: 23F5F818E6EF77ABA04FE4E0C68442D59A3CCF74


  • Format: Virtual Machine (Virtualbox - OVA)
  • Operating System: Linux


  • DHCP service: Enabled
  • IP address: Automatically assign