Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
LEKIR is a vulnerability simulation and interactive learning platform focused on web application security. Its positioning is closer to a security lab or teaching environment than to a production firewall, WAF, or vulnerability scanner. The description states that it can simulate common web vulnerabilities such as SQL injection, cross-site scripting (XSS), and insecure file uploads, while also providing payload examples, source-code viewing, tutorials, learning modules, and documentation resources to help users understand how vulnerabilities occur and how to mitigate them.
In terms of protection type, LEKIR does not directly protect live online assets. Instead, it uses a controlled environment for hands-on training in vulnerability exploitation and defensive concepts. It supports adjustable difficulty levels, covering beginner, intermediate, and advanced tiers, making it suitable for step-by-step learning. For deployment, the page only mentions “Easy Setup” and “minor changes to start,” but does not clarify whether it is SaaS, self-hosted, Docker-based, or installed from source. Its management and alerting capabilities appear limited: the text only mentions real-time feedback, learning modules, and community interaction, with no enterprise features such as centralized management, auditing, alerts, or reporting. Integration capabilities are also not described, so it is unclear whether it can connect to CI/CD, SSO, LMS, or vulnerability management platforms. Compliance certifications are not disclosed.
The pricing information is very clear: “Free from us to you, forever,” meaning it is currently positioned as a permanently free offering. For students, teachers, developers, and security beginners, it offers strong value. However, since there is no visible information about commercial support, SLAs, enterprise editions, or paid training, organizations should evaluate maintenance and support costs themselves before adopting it at an organizational level.
Its strengths are that it covers common web vulnerabilities, emphasizes a safe and controlled lab environment, supports source-code comparison, and provides tiered difficulty levels, making it a useful tool for introductory web security learning and practice. Its weaknesses lie in the lack of enterprise-level information: deployment model, data security, permission management, compliance certifications, integration capabilities, and support model are all unclear. As a result, it should not be treated as a complete enterprise security platform.
LEKIR is suitable for security professionals reviewing basic vulnerabilities, developers learning secure coding, teachers running classroom labs, and students getting started with security practice. The source text does not provide information about access from mainland China, so its accessibility is unknown. Since it is free, no payment channel information is available. If access or ecosystem support does not meet your needs, alternatives to consider include DVWA, OWASP WebGoat, PortSwigger Web Security Academy, TryHackMe, or Hack The Box Academy.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on mfbktech.com official site.
mfbktech.com is an Unknown Security provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach mfbktech.com directly.