Skip to content
/ JSecCode Public

A Vulnerable Web App written by JavaScript (Vue+Egg)

12 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Anemone95/JSecCode

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
backend
backend
 
 
frontend-rax
frontend-rax
 
 
frontend-react
frontend-react
 
 
frontend-vue
frontend-vue
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

JSecCode

介绍

一个使用 JS 开发的前后端分离Web漏洞靶场

包含漏洞

  • SQLi
  • NoSQLi(MongoDB)
  • XSS
  • CSRF
  • Path Traversal
  • RCE
  • SSRF
  • URL Redirect
  • BAC
  • 原型链污染

安装和部署

部署前端

cd frontend
npm install
npm run dev

在hosts中加一个frontend.nodeseccode.net的记录

部署后端

  1. 安装并启动MySQL

  2. 安装并启动MongoDB

  3. node_sec_code.sql 建库建表

  4. 启动后端服务

    cd backend
npm i
npm run dev

  5. 在hosts中加一个backend.nodeseccode.net的记录

  6. 访问http://frontend.nodeseccode.net:8080/看到靶场主页

相关项目

About

A Vulnerable Web App written by JavaScript (Vue+Egg)

Resources

Readme
Activity

Stars

12 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages