Our great sponsors
- Appwrite - The Open Source Firebase alternative introduces iOS support
- Sonar - Write Clean JavaScript Code. Always.
- CodiumAI - TestGPT | Generating meaningful tests for busy devs
- InfluxDB - Access the most powerful time series database as a service
- ONLYOFFICE ONLYOFFICE Docs — document collaboration in your environment
-
This is awesome! Convenient for folks who use the Express/Angular stack but conceptual stuff should be pretty universal regardless.
Wasn't aware of this project at all but found the following links useful for context:
The actual Juice Shop website can be found at https://juice-shop.herokuapp.com/#/
and the github link for viewing code is https://github.com/juice-shop/juice-shop/releases/
-
damn-vulnerable-js-sca
An intentionally vulnerable Javascript app containing notable vulnerabilities in its dependencies.
We've been working on an example vulnerable app to showcase vulnerable dependencies in web apps. (Think a CVE in an NPM package.)
I've been wanting that so that I can test out different security scanning and patching tools, but also actually build a test playground to exploit vulnerable dependencies. (I want to accelerate exploit development for CVEs by making it more standardized.)
If you have a CVE that you'd like to write a POC exploit scenario for, you can add it to this project quickly and easily with pre-built templates[1]! (Wasp[2] is an awesome project that simplifies web dev tooling complexity.)
Are there any other projects with similar goals that anybody is aware of? Asking because I couldn't find any, but I'd love to merge efforts if somebody is already doing this!
0: https://github.com/lunasec-io/damn-vulnerable-js-sca
1: https://github.com/lunasec-io/damn-vulnerable-js-sca/tree/ma...
-
Appwrite
Appwrite - The Open Source Firebase alternative introduces iOS support . Appwrite is an open source backend server that helps you build native iOS applications much faster with realtime APIs for authentication, databases, files storage, cloud functions and much more!
-
We've been working on an example vulnerable app to showcase vulnerable dependencies in web apps. (Think a CVE in an NPM package.)
I've been wanting that so that I can test out different security scanning and patching tools, but also actually build a test playground to exploit vulnerable dependencies. (I want to accelerate exploit development for CVEs by making it more standardized.)
If you have a CVE that you'd like to write a POC exploit scenario for, you can add it to this project quickly and easily with pre-built templates[1]! (Wasp[2] is an awesome project that simplifies web dev tooling complexity.)
Are there any other projects with similar goals that anybody is aware of? Asking because I couldn't find any, but I'd love to merge efforts if somebody is already doing this!
0: https://github.com/lunasec-io/damn-vulnerable-js-sca
1: https://github.com/lunasec-io/damn-vulnerable-js-sca/tree/ma...
Related posts
- refine - Open-source (6.4K stars on GitHub) framework for building CRUD apps like admin panel, internal tools, and dashboards easily.
- Why most of us won't be inventing little languages
- How Wasp reached all-time high PR count during HacktoberFest: tips for OSS maintainers
- [AskJS] Status of JS package managers
- Let's Build a Compiler (1988)