To exploit a deliberately vulnerable web application

To practice setting up a web server

To demonstrate a secure web application

To learn about web development

It allows SQL injection

It does not properly sanitize user input

It has a weak password policy

It is not encrypted

It allows for executing multiple commands simultaneously

It is easier to set up

It provides a graphical user interface

It gives full control over the exploited system

os and sys

socket and subprocess

json and re

http and urllib

To listen for incoming connections

To scan for open ports

To block unauthorized access

To encrypt the connection

netstat

ifconfig

hostname

whoami

Learning about network protocols

Creating a firewall

Performing further enumeration and privilege escalation

Developing a web application