
Damn Vulnerable NodeJS Application
ADDED BUGS
- Prototype Pollution
- No SQL Injection
- Cross-site Scripting
- Broken Access Control
- Broken Session Management
- Weak Regex Implementation
- Race Condition
- CSRF -Cross-Site Request Forgery
- Weak Bruteforce Protection
- User Enumeration
- Reset Password token leaking in Referrer
- Reset Password bugs
- Sensitive Data Exposure
- Unicode Case Mapping Collision
- File Upload
- SSRF
- XXE
- Open Redirection
- Directory Traversal
Install
git clone https://github.com/effortlessdevsec/ninjasworkout.git
npm i
After Installing all dependencies just run the application
node app.js or nodemon app.js
Source: https://github.com/effortlessdevsec/