Vulnerable Javascript Application

It is an application based on NodeJs and is designed to verify the accuracy of the detection of SAST vulnerabilities of skims. This application exposes the most common types of vulnerabilities that require analysis of the application input data flow manipulated by the user.

Rules for adding test cases

add a new route in server/routes/testcases/, the file name should in the format test<test-number>.js
add a new HTTP file in test/endpoints to test the endpoint, the file must have 2 requests to test a normal use case and exploit case, the file name should in the format test<test-number>.http
add test result in expected_results.csv, with the test number, vulnerability category, CWE and test result, is it vulnerable or not

Name		Name	Last commit message	Last commit date
Latest commit History 39 Commits
makes		makes
server		server
target		target
test/endpoints		test/endpoints
.gitignore		.gitignore
.prettierrc.json		.prettierrc.json
README.md		README.md
expected_results.csv		expected_results.csv
makes.nix		makes.nix
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Vulnerable Javascript Application

Rules for adding test cases

About

Releases

Packages

Languages

fluidattacks/vulnerable_js_app

Folders and files

Latest commit

History

Repository files navigation

Vulnerable Javascript Application

Rules for adding test cases

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages