Our great sponsors
-
damn-vulnerable-js-sca
An intentionally vulnerable Javascript app containing notable vulnerabilities in its dependencies.
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
This is awesome! Convenient for folks who use the Express/Angular stack but conceptual stuff should be pretty universal regardless.
Wasn't aware of this project at all but found the following links useful for context:
The actual Juice Shop website can be found at https://juice-shop.herokuapp.com/#/
and the github link for viewing code is https://github.com/juice-shop/juice-shop/releases/
We've been working on an example vulnerable app to showcase vulnerable dependencies in web apps. (Think a CVE in an NPM package.)
I've been wanting that so that I can test out different security scanning and patching tools, but also actually build a test playground to exploit vulnerable dependencies. (I want to accelerate exploit development for CVEs by making it more standardized.)
If you have a CVE that you'd like to write a POC exploit scenario for, you can add it to this project quickly and easily with pre-built templates[1]! (Wasp[2] is an awesome project that simplifies web dev tooling complexity.)
Are there any other projects with similar goals that anybody is aware of? Asking because I couldn't find any, but I'd love to merge efforts if somebody is already doing this!
0: https://github.com/lunasec-io/damn-vulnerable-js-sca
1: https://github.com/lunasec-io/damn-vulnerable-js-sca/tree/ma...
We've been working on an example vulnerable app to showcase vulnerable dependencies in web apps. (Think a CVE in an NPM package.)
I've been wanting that so that I can test out different security scanning and patching tools, but also actually build a test playground to exploit vulnerable dependencies. (I want to accelerate exploit development for CVEs by making it more standardized.)
If you have a CVE that you'd like to write a POC exploit scenario for, you can add it to this project quickly and easily with pre-built templates[1]! (Wasp[2] is an awesome project that simplifies web dev tooling complexity.)
Are there any other projects with similar goals that anybody is aware of? Asking because I couldn't find any, but I'd love to merge efforts if somebody is already doing this!
0: https://github.com/lunasec-io/damn-vulnerable-js-sca
1: https://github.com/lunasec-io/damn-vulnerable-js-sca/tree/ma...
Related posts
- refine - Open-source (6.4K stars on GitHub) framework for building CRUD apps like admin panel, internal tools, and dashboards easily.
- 🛠️6 tools to kickstart your full-stack app with AI 🤖
- 🤖 We asked AI to imagine web frameworks as superheroes 🦸♂️ 🦾
- GPT Web App Generator - Let AI create a full-stack React & Node.js codebase based on your description 🤖🤯
- Why most of us won't be inventing little languages