K4N3CO-LABS/PwnShop-Mobile
GitHub: K4N3CO-LABS/PwnShop-Mobile
Stars: 2 | Forks: 0
# About The PwnShop
Inspired by the legendary OWASP Juice Shop, The PwnShop is a deliberately insecure educational application built exclusively for mobile devices. Designed for everyone from beginners to seasoned professionals, it provides a hands-on environment to test, learn, and master real-world vulnerabilities directly from your Android device.
The PwnShop aims to teach real-world security concepts through practical, hands-on experience. This environment has been laced with numerous vulnerabilities typically found in production applications, ranging from classic SQL injection and Cross-Site Scripting (XSS) to complex business logic flaws, leaky APIs, and hidden endpoints.
Your ultimate goal is to step into the shoes of an ethical hacker. Navigate the application, hunt down security misconfigurations, and exploit these deliberate flaws. As you uncover vulnerabilities, you will unlock items in your Hacker Inventory, learn the underlying mechanisms of why the exploit works, and discover industry-standard mitigation strategies.
Keep a close eye on the Hacker Scoreboard to track your progress. The more vulnerabilities you find, the closer you get to earning your completion certificate! Good luck, and remember: with great power comes great responsibility. Always conduct security research ethically and legally.
## Gameplay
## How to play
### 1. Discover & Explore
Hunt for "leaky" info by tapping through every corner of the app. Look for developer notes left in plain sight, misconfigured buttons, and hidden menus that were never meant for the end-user's eyes.
### 2. Try to break it
Feed the app "broken" data, exploit how it saves your info locally, and try to trick the interface into giving you access or information it shouldn't.
### 3. Hack to learn, learn to build
Discovering a bug isn’t just a win—it’s a lesson. Every vulnerability you find reveals the technical "why" and the industry-standard way to patch it.
### 📱 Mobile App (Android)
**Prerequisites:** Node.js
1. Download the latest **`.apk`** from the [Releases](https://https://github.com/K4Links/PwnShop-Mobile/releases/tag/v1.0.1)
2. Enable **"Install from Unknown Sources"** in your Android security settings.
3. Install and open the app.
## 🚀 Running Locally (On PC)
# 1. Clone the repository
git clone https://github.com/K4N3CO-LABS/PwnShop-Mobile.git
# 2. Navigate into the project
cd PwnShop-Mobile-main
# 3. Install dependencies
npm install
# 4. Start the development server
npm run dev
**To open app:**
Click the URL shown in the terminal (usually http://localhost:3000 or http://0.0.0.0:3000).
## 📄 License
This project is licensed under the [MIT License](LICENSE).
## How to play
### 1. Discover & Explore
Hunt for "leaky" info by tapping through every corner of the app. Look for developer notes left in plain sight, misconfigured buttons, and hidden menus that were never meant for the end-user's eyes.
### 2. Try to break it
Feed the app "broken" data, exploit how it saves your info locally, and try to trick the interface into giving you access or information it shouldn't.
### 3. Hack to learn, learn to build
Discovering a bug isn’t just a win—it’s a lesson. Every vulnerability you find reveals the technical "why" and the industry-standard way to patch it.
### 📱 Mobile App (Android)
**Prerequisites:** Node.js
1. Download the latest **`.apk`** from the [Releases](https://https://github.com/K4Links/PwnShop-Mobile/releases/tag/v1.0.1)
2. Enable **"Install from Unknown Sources"** in your Android security settings.
3. Install and open the app.
## 🚀 Running Locally (On PC)
# 1. Clone the repository
git clone https://github.com/K4N3CO-LABS/PwnShop-Mobile.git
# 2. Navigate into the project
cd PwnShop-Mobile-main
# 3. Install dependencies
npm install
# 4. Start the development server
npm run dev
**To open app:**
Click the URL shown in the terminal (usually http://localhost:3000 or http://0.0.0.0:3000).
## 📄 License
This project is licensed under the [MIT License](LICENSE).标签:后端开发