Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing and avoiding these vulnerabilities. The fixes branch will contain fixes for the vulnerabilities. Fixes for vunerabilities OWASP Top 10 2017 vulnerabilities at fixes-2017 branch.
The application is powered by commonly used libraries such as express, passport, sequelize, etc.
Clone this repository
git clone https://github.com/WildCodeSchool/dvna; cd dvnaStart the application and database using docker-compose
docker compose up --buildAccess the application at http://127.0.0.1:9090/
The application will automatically reload on code changes, so feel free to patch and play around with the application.
In case of bugs in the application, please create an issue on github. Pull requests are highly welcome!
Abhisek Datta - abhisek for application architecture and front-end code
MIT