{"id":15714760,"url":"https://github.com/ankush/dwfa","last_synced_at":"2025-05-12T23:50:49.603Z","repository":{"id":203976750,"uuid":"710715661","full_name":"ankush/dwfa","owner":"ankush","description":"damn vulnerable frappe app","archived":false,"fork":false,"pushed_at":"2023-10-30T08:42:24.000Z","size":23,"stargazers_count":5,"open_issues_count":1,"forks_count":2,"subscribers_count":1,"default_branch":"develop","last_synced_at":"2025-05-09T03:52:09.026Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ankush.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"license.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-10-27T09:31:55.000Z","updated_at":"2025-01-29T07:48:53.000Z","dependencies_parsed_at":null,"dependency_job_id":"bdf34595-c318-4bcc-aa31-10bf863eb4ee","html_url":"https://github.com/ankush/dwfa","commit_stats":null,"previous_names":["ankush/dwfa"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ankush%2Fdwfa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ankush%2Fdwfa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ankush%2Fdwfa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ankush%2Fdwfa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ankush","download_url":"https://codeload.github.com/ankush/dwfa/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253843167,"owners_count":21972868,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-03T21:39:36.240Z","updated_at":"2025-05-12T23:50:49.585Z","avatar_url":"https://github.com/ankush.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"## dwfa - Damn Vulnerable Frappe App.\n\nThis is an example Blog Post management app which contains hidden vulnerabilities.\n\n\nTips:\n- Read python and DB API documentation on surface to get some basic idea of how things work:\n\t- DB API - https://frappeframework.com/docs/user/en/api/database\n\t- Document API - https://frappeframework.com/docs/user/en/api/document\n\t- Frappe Framework basics: https://frappeframework.com/docs/user/en/basics and https://frappeframework.com/docs/user/en/basics/doctypes\n- There are many vulnerabilities in this code with varying level of complexity for exploits and domain knowledge requirements.\n- Technologies you should be familiar with: Python, JS, SQL(specifically MySQL flavour), Jinja2.\n- Read docs or better yet, read code if you want to truly understand how something works and how it can be abused. All our code is open source.\n\n\nWARNING: This is an exercise for developing and evaluating code-auditing skills. DO NOT EVER INSTALL THIS APP ANYWHERE.\n\n#### License\n\nMIT","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fankush%2Fdwfa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fankush%2Fdwfa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fankush%2Fdwfa/lists"}