{"id":21515652,"url":"https://github.com/sqreen/go-dvwa","last_synced_at":"2025-08-08T02:46:20.221Z","repository":{"id":57530491,"uuid":"267338295","full_name":"sqreen/go-dvwa","owner":"sqreen","description":"Go Damn Vulnerable Web App","archived":false,"fork":false,"pushed_at":"2024-07-16T09:39:26.000Z","size":10887,"stargazers_count":22,"open_issues_count":2,"forks_count":62,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-04-06T21:42:05.960Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"CSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sqreen.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-05-27T14:16:03.000Z","updated_at":"2025-03-19T23:55:00.000Z","dependencies_parsed_at":"2024-06-20T01:33:19.624Z","dependency_job_id":"d781ae74-20a7-4ab8-9b19-9ce0b269f1ea","html_url":"https://github.com/sqreen/go-dvwa","commit_stats":{"total_commits":17,"total_committers":2,"mean_commits":8.5,"dds":"0.17647058823529416","last_synced_commit":"822f4bf8d04972fc7af221e713726174a4ef10f4"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/sqreen/go-dvwa","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqreen%2Fgo-dvwa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqreen%2Fgo-dvwa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqreen%2Fgo-dvwa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqreen%2Fgo-dvwa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sqreen","download_url":"https://codeload.github.com/sqreen/go-dvwa/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sqreen%2Fgo-dvwa/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":269356006,"owners_count":24403504,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-08T02:00:09.200Z","response_time":72,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-23T23:56:13.900Z","updated_at":"2025-08-08T02:46:20.151Z","avatar_url":"https://github.com/sqreen.png","language":"CSS","funding_links":[],"categories":[],"sub_categories":[],"readme":"# [Sqreen](https://www.sqreen.com/)'s Go Damn Vulnerable Web App\n\nThis Go web server is a vulnerable application demonstration, protected by\nSqreen.\n\nIt currently includes the following vulnerabilities:\n\n- [x] SQL injection: `/products` accepts a URL-query parameter `category` that\n  is injected into the SQL query (eg. `/products?category=all%27%20UNION%20SELECT%20*%20FROM%20user%27`)\n  .\n- [x] Shell injection\n- [ ] NoSQL injection\n- [ ] Server-Side Request Forgery\n\nThe web app comes with Sqreen for Go which can be enabled by running a valid\nSqreen configuration that can be obtained at \u003chttps://my.sqreen.com/\u003e. Once\nenabled, the agent should protect the application according to the application\nsecurity configuration you enabled.\n\n## Quick Start\n\nThe pre-compiled [go-dvwa](https://github.com/sqreen/go-dvwa/packages/494452)\ndocker image can be used to simply run the web application. The HTTP server\nlistens the TCP address `0.0.0.0:8080` so you can expose it with docker:\n\n```console\n$ docker run -it -p 8080:8080 go-dvwa\n```\n\nThe vulnerable web app starts regardless of Sqreen's agent. It will start when\nhaving a valid configuration with Sqreen credentials you can get at\n\u003chttps://my.sqree.com/\u003e. You can pass them using container's environment\nvariables:\n\n```console\n$ docker run -it -p 8080:8080 -e SQREEN_TOKEN=\u003ctoken\u003e -e SQREEN_APP_NAME=\"Go DVWA\" go-dvwa\n```\n\nThe web app vulnerabilities should be now blocked by Sqreen :-)\n\n\u003cp align=\"center\"\u003e\n\u003cimg width=\"60%\" src=\"./doc/images/blocking-page-with-gopher.png\" alt=\"Sqreen for Go\" title=\"Sqreen for Go\" /\u003e\n\u003c/p\u003e\n\n## Compile from sources\n\n### With docker builder\n\nThe simplest way to build this repository is by using the latest docker builder\nwhich can take a git repository source. Simply run the following command to\nbuild the latest `go-dvwa` docker image of this repository:\n\n```console\n$ docker builder build github.com/sqreen/go-dvwa.git\n```\n\nOnce built, you can simply run the image and pass the Sqreen configuration to\nthe container via environment variables:\n\n```console\n$ docker run -e SQREEN_TOKEN=\u003ctoken\u003e -e SQREEN_APP_NAME=\"Go DVWA\" -p 8080:8080 go-dvwa\n```\n\nThe Go web application is now running and you can access it\nat \u003chttp://127.0.0.1:8080/\u003e.\n\n### From sources\n\nClone the repository and use the Makefile:\n\n```console\n$ make\n```\n\nOnce compiled, you can execute the binary file `dvwa`. Sqreen's agent\nconfiguration can then be passed by file or environment variable.\n\n```console\n$ ./dvwa\n```\n\nThe Go web application is now running and you can access it\nat \u003chttp://127.0.0.1:8080/\u003e.\n\nNote that the docker image can be also built using the Makefile:\n\n```console\n$ make image\n```\n\nCf. the previous docker image instructions to read how to start the container.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsqreen%2Fgo-dvwa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsqreen%2Fgo-dvwa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsqreen%2Fgo-dvwa/lists"}