Ninjasworkout - Vulnerable NodeJS Web Application
Damn Vulnerable NodeJS Application
Quick Start
Download the Repo => run npm iAfer Installing all dependency just run the application
node app.js or nodemon app.jsADDED BUGS
- Prototype Pollution
- No SQL Injection
- Cross site Scripting
- Broken Access Control
- Broken Session Management
- Weak Regex Implementation
- Race Condition
- CSRF -Cross Site Request Forgery
- Weak Bruteforce Protection
- User Enumeration
- Reset Password token leaking in Referrer
- Reset Password bugs
- Sensitive Data Exposure
- Unicode Case Mapping Collision
- File Upload
- SSRF
- XXE
- Open Redirection
- Directory Traversal
- Insecure Deserilization => Remote Code Execution
- Server Side Template Injection
- Timing Attack
TODO
- Improvement in User Interface
- Add New Vulnerabilities on weekly basis
- Add Documentation of all the Vulnerabilites
Issues
- In case of bugs in the application, feel free to create an issues on github.
Contribution
- Feel free to create a pull request for any contribution.
Via: www.kitploit.com
Ninjasworkout - Vulnerable NodeJS Web Application
Reviewed by Anónimo
on
17:37
Rating:
Reviewed by Anónimo
on
17:37
Rating:
