infosec-soup/vuln-nodejs-app

EJS

No license

This is a deliberately vulnerable NodeJS web application designed for security training and education. It contains over 25 common web vulnerabilities including SQL injection, XSS, command injection, and authentication flaws, making it an ideal tool for penetration testers, developers, and students to practice identifying and exploiting security vulnerabilities through both black-box and white-box testing approaches.

Total donated

Undistributed

Share with your subscribers:

Recipients

How the donated funds are distributed

Support the dependencies of infosec-soup/vuln-nodejs-app

motdotla/dotenv

Loads environment variables from .env file

mde/ejs

Embedded JavaScript templates

manishsaraan/email-validator

Provides a fast, pretty robust e-mail validator. Only checks form, not function.

graphql/express-graphql

Production ready GraphQL HTTP middleware.

mrafiqk/html-pdf-node

Convert any html content or html page to PDF

auth0/node-jsonwebtoken

JSON Web Token implementation (symmetric and asymmetric)

libxmljs/libxmljs

libxml bindings for v8 javascript engine

pvorb/node-md5

js function for hashing messages with MD5

mongodb/node-mongodb-native

The official MongoDB driver for Node.js

sidorares/node-mysql2

fast mysql driver. Implements core protocol, prepared statements, ssl and compression in native JS

jeremyscalpello/node-2fa

Easy 2-Factor Integration For Node.js

luin/serialize

Serialize a object including it's function into a JSON.

brianc/node-postgres

PostgreSQL client - pure javascript & libpq with the same API

request/request

Simplified HTTP request client.

sequelize/sequelize

Sequelize is a promise-based Node.js ORM tool for Postgres, MySQL, MariaDB, SQLite, Microsoft SQL Server, Amazon Redshift and Snowflake’s Data Cloud. It features solid transaction support, relations, eager and lazy loading, read replication and more.