Skip to content

vegabird/xvna

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 

Repository files navigation

XVNA

Extreme Vulnerable Node Application

XVNA is an extreme vulnerable node application coded in Nodejs(Expressjs)/MongoDB that helps security enthusiasts to learn application security. it's not counseled to host this application online as it is intended to be Vulnerable. We tend to suggest hosting this application in native setting and sharpening your application security skills with any tools of your own selection. It’s all legal to interrupt or hack into this. the concept is to evangelize application security to the community in probably the best and elementary method. Learn and acquire these skills permanently purpose. however you utilize these skills and content isn't our responsibility.

Warning

Extreme Vulnerable Node Application (XVNA) is most vulnerable, don't transfer it to your hosting provider's public folder or any net facing servers, as they'll be compromised. It is recommended to use localhost.

Disclaimer

We are not resposible for any loss after using this XVNA (Extreme Vulnerable Node Application). We are clearing that this is malicious application , we are not responsible for any loss of yours. Installing it in web server may compromise your security and data.

Setup

  • Start mongoDB
  • Create DB xvna in mongoDB
  • Import the Collection to mongoDB given from folder collection
  • Start the xvna from root folder using command: node index.js
  • We are good to go , hit localhost:3000/app
  • Login Credential: email-> admin@xvna.com password -> password
  • List of Vulnerability

    • A1:2017-Injection
      1. OS Injection
      2. NOSql Injection
      3. Server side Js Injection
    • A2:2017-Broken Authentication
    • A3:2017-Sensitive Data Exposure
      1. Sensitive Data
      2. Headers
    • A6:2017-Security Misconfiguration
    • A7:2017-Cross Site Scripting
    • A8:2017-Insecure Deserialization

    Visit our blog for more https://www.vegabird.com/category/extreme-vulnerable-node-application/

    Created by Vegabird Team

    About

    Extreme Vulnerable Node Application

    Resources

    Stars

    Watchers

    Forks

    Releases

    No releases published

    Packages

    No packages published