Explnode is a NodeJs based application that is seeded with vulnerable conditions (OWASP based, Business Logic Flaws, Rootkits and Data Leaks). Its main goal is to be an aid for security professionals to test with Ocular, help web developers better understand the processes of securing web applications.
| File | Description |
|---|---|
dep-lodash.js |
Prototype Pollution Attack caused due to OSS dependency LogDash |
exec.js |
RCE Command Injection Exploit |
loop.js |
Denial of Service Exploit |
nosqli.js |
NoSql Injection Attack |
redirect.js |
Information Disclosure, Exfiltration Channel |
redos.js |
Regex Denial of Service Attack |
sqli.js |
Sql Injection Attack |
xss.js |
Cross Site Scripting Attack |
xxe.js |
XXE Attack |
We do not take responsibility for the way in which any one uses this application. We have made the purposes of the application clear and it should not be used maliciously.