https://github.com/fluidattacks/vulnerable_js_app
- Host: GitHub
- URL: https://github.com/fluidattacks/vulnerable_js_app
- Owner: fluidattacks
- Created: 2021-08-06T13:24:25.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2021-09-30T17:06:18.000Z (over 4 years ago)
- Last Synced: 2025-01-21T02:11:20.314Z (over 1 year ago)
- Language: JavaScript
- Size: 164 KB
- Stars: 0
- Watchers: 2
- Forks: 1
- Open Issues: 5
Metadata Files:
- Readme: README.md
README
# Vulnerable Javascript Application
This is a Node.js application designed to verify how accurately [skims](https://gitlab.com/fluidattacks/product/-/tree/master/skims) detects vulnerabilities through SAST. It exposes the most common types of vulnerabilities whose detection requires analyzing the flow of user-manipulated input data through the application.
## Rules for adding test cases
- add a new route in `server/routes/testcases/`; the file name should be in the format `test.js`
- add a new HTTP file in `test/endpoints` to test the endpoint; the file must have 2 requests, to test a normal use case and an exploit case, and the file name should be in the format `test.http`
- add the test result to `expected_results.csv`, with the test number, vulnerability category, CWE and test result (whether it is vulnerable or not)