Home
More

Log in

Welcome to the Moodle security testing site! This is an isolated testing instance of Moodle LMS, which can be used by security researchers to identify potential vulnerabilities. Please ensure you have read and agree to the below Code of Conduct before performing any testing.

Any vulnerabilities discovered in the Moodle LMS can be reported via our Vulnerability Disclosure Program. For more information about rewards/recognition for valid submissions, please see our Security Policies Documentation.

Code of Conduct

Please adhere to the terms and scope of our Vulnerability Disclosure Policy.
All courses and settings will be reset at midnight UTC (users will be retained), however please try to return any setting changes back to normal once you have finished testing if possible, for the benefit of other researchers.
Try to keep impact on other researchers minimal (eg minimising verbose/page breaking JS), rate limiting any tools to not affect performance of the site.
If you plan on performing tests that may lead to Denial of Service (such as automated scans that are not rate limited, or other high traffic tests), please download Moodle and test it locally,
to avoid impacting this site for other researchers.

Moodle Security Testing Instance

Contact site support

You are not logged in. (Log in)

Data retention summary

Get the mobile app

Powered by Moodle