{"id":21312506,"url":"https://github.com/ndrix/appsecacronyms","last_synced_at":"2025-08-11T13:09:09.883Z","repository":{"id":146758010,"uuid":"381928889","full_name":"ndrix/AppSecAcronyms","owner":"ndrix","description":"This is the code for the Microsoft Security Community Webinar on SPA treatments (https://aka.ms/SecurityWebinars)","archived":false,"fork":false,"pushed_at":"2021-07-01T13:53:15.000Z","size":739,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-15T20:46:21.634Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ndrix.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-01T06:12:24.000Z","updated_at":"2021-08-12T13:17:22.000Z","dependencies_parsed_at":null,"dependency_job_id":"5261eb7b-b259-4a37-bfa6-5ea7fc881357","html_url":"https://github.com/ndrix/AppSecAcronyms","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ndrix/AppSecAcronyms","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndrix%2FAppSecAcronyms","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndrix%2FAppSecAcronyms/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndrix%2FAppSecAcronyms/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndrix%2FAppSecAcronyms/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ndrix","download_url":"https://codeload.github.com/ndrix/AppSecAcronyms/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ndrix%2FAppSecAcronyms/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":269891878,"owners_count":24491798,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-11T02:00:10.019Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-21T17:34:07.602Z","updated_at":"2025-08-11T13:09:09.854Z","avatar_url":"https://github.com/ndrix.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# App Sec Acronyms\n\nThe infosec world is filled with acronyms, xxe, ssrf, ssti and rce's.  This little site would want to make\nit a bit easier to search these terms, but it may suffer from a few security bugs.\n\nThis is a small intentionally vulnerable application, which is the code used for the Microsoft Security Community\nWebinar on SPA treatments (https://aka.ms/SecurityWebinars).  There are three bugs that we know off:\n\n * Dom XSS\n * Stored XSS\n * SSRF\n \nThis is written in .NET Core 3.1, and should work with any Azure Storage account, and Ms SQL server and database.  It's not\nthe prettiest code, but it does the job to give our automated scanners a run for it.\n\nNote that this is not official Microsoft code that is shipped, this is purely for educational purposes.  When you run this \nin your environment, make sure that you restrict network acecss to it accordingly.\n\nFor any comments and questions, feel free to contact me at [mihendri@microsoft.com](mailto:mihendri@microsoft.com)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fndrix%2Fappsecacronyms","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fndrix%2Fappsecacronyms","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fndrix%2Fappsecacronyms/lists"}