vuln-pkg

The NPM for your home lab

One command to spin up any vulnerable application for security training.
No configuration, no port conflicts, no hassle.

terminal
$ vuln-pkg run dvwa
[*] Fetching manifest...
[+] Loaded 5 applications
[*] Ensuring vuln-pkg network exists
[*] Starting Traefik reverse proxy
[+] Traefik running
[*] Creating container for dvwa
[+] Started dvwa
-> http://dvwa.127.0.0.1.sslip.io

That's it. DVWA is now running.

// Features

Zero-Config DNS

Works immediately via sslip.io. No /etc/hosts editing, no dnsmasq setup.

http://dvwa.127.0.0.1.sslip.io

Traefik Routing

Clean subdomain URLs without port numbers. Multiple apps on port 80.

http://traefik.127.0.0.1.sslip.io

Custom Packages

Build your own labs from Dockerfiles or Git repos. Full flexibility.

type: dockerfile | git

JSON Output

First-class automation support. Script your security labs.

vuln-pkg --json status

// Commands

vuln-pkg --help
Package manager for deliberately-vulnerable applications

USAGE:
    vuln-pkg [OPTIONS] <COMMAND>

COMMANDS:
    list                 Show available vulnerable applications
    search <query>       Search apps by name, description, or tags
    install <app>        Pull Docker image without starting
    run <app>            Start a vulnerable application
    stop <app>           Stop without removing
    remove <app>         Stop and remove container
    rebuild <app>        Rebuild custom package
    status               Show status of all apps
    manifest             Manage manifests (show, accepted, forget)

OPTIONS:
    --json               Output in JSON format
    -y, --yes            Auto-accept new manifests
    --manifest-url       Custom manifest URL
    --resolve-address    IP for hostname resolution
    --domain             Custom domain suffix
    --https              Enable HTTPS with self-signed certs

// Use Cases

OSCP Prep

Practice on real vulnerable apps. DVWA, WebGoat, Juice Shop - all one command away.

CTF Hosting

Spin up challenges instantly. Custom manifests for your team's private CTF.

Security Training

Teaching a workshop? Students get identical environments with zero setup time.

// Requirements

  • Docker (running)

// Installation

Linux / macOS (Recommended)

terminal
$ curl -fsSL https://raw.githubusercontent.com/neutrino2211/vuln-pkg/main/install.sh | bash

Automatically detects your OS/arch and installs to /usr/local/bin

Windows

powershell
PS> irm https://raw.githubusercontent.com/neutrino2211/vuln-pkg/main/install.ps1 | iex

Installs to %LOCALAPPDATA%\vuln-pkg

Download from Releases

Download pre-built binaries from GitHub Releases

  • vuln-pkg-linux-x86_64.tar.gz - Linux x86_64
  • vuln-pkg-linux-aarch64.tar.gz - Linux ARM64
  • vuln-pkg-darwin-x86_64.tar.gz - macOS Intel
  • vuln-pkg-darwin-aarch64.tar.gz - macOS Apple Silicon
  • vuln-pkg-windows-x86_64.zip - Windows x86_64

Build from Source

Requires the Rust toolchain.

terminal
$ git clone https://github.com/neutrino2211/vuln-pkg.git
$ cd vuln-pkg
$ cargo build --release

Security Notice

This tool manages intentionally vulnerable containers for educational purposes. Never expose these containers to untrusted networks. When using --resolve-address with a public IP, ensure proper network segmentation.
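
A pre-flight check for the notice above, as an added example that is not part of vuln-pkg: it reads the address embedded in an sslip.io-style lab URL and reports whether the lab resolves to loopback, a private LAN range or anything else. The function names, the sample URLs and the handling of sslip.io's dashed notation are assumptions of this example, which goes beyond the dotted form shown on this page.

```python
import ipaddress
from urllib.parse import urlsplit

# RFC 1918 and link-local ranges: reachable from the local network only.
LAN_NETS = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16")]

def embedded_ip(url_or_host, suffix="sslip.io"):
    """Return the IPv4 address encoded in an sslip.io-style name, or None."""
    host = urlsplit(url_or_host).hostname if "://" in url_or_host else url_or_host
    host = (host or "").lower().rstrip(".")
    if not host.endswith("." + suffix):
        return None
    labels = host[: -len(suffix) - 1].split(".")
    candidates = []
    if len(labels) >= 4:                  # dotted form: dvwa.127.0.0.1
        candidates.append(".".join(labels[-4:]))
    dashed = labels[-1].split("-")
    if len(dashed) >= 4:                  # dashed form: dvwa.127-0-0-1
        candidates.append(".".join(dashed[-4:]))
    for text in candidates:
        try:
            return ipaddress.IPv4Address(text)
        except ValueError:
            continue                      # labels were not a valid address
    return None

def exposure(url_or_host, suffix="sslip.io"):
    """Classify where a lab URL points: loopback, private, public or unknown."""
    ip = embedded_ip(url_or_host, suffix)
    if ip is None:
        return "unknown"
    if ip.is_loopback:
        return "loopback"
    if any(ip in net for net in LAN_NETS):
        return "private"
    return "public"   # conservative: everything else counts as externally reachable

def audit(urls):
    """Return (url, class) for every URL that does not stay on loopback."""
    return [(u, exposure(u)) for u in urls if exposure(u) != "loopback"]

# Constructed sample URLs; 203.0.113.0/24 is a reserved documentation range.
SAMPLES = ["http://dvwa.127.0.0.1.sslip.io",
           "http://dvwa.192-168-1-50.sslip.io",
           "http://dvwa.203.0.113.10.sslip.io"]

if __name__ == "__main__":
    for url, kind in audit(SAMPLES):
        print(f"{kind:8} {url}")
```

Anything reported as "public" is a lab whose hostname resolves to an address outside loopback and the listed LAN ranges, which is the case the notice says needs network segmentation.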