Skip to content
/ evil-app Public
forked from jharper-sec/evil-app

Vulnerable Golang Demo Application

License

MIT license
0 stars 15 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sjultra/evil-app

BranchesTags
 
 

Repository files navigation

Introduction

Evil App is an intentionally vulnerable Golang application intended for learning about security vulnerabilities within Golang. Currently implemented vulnerabilities are:

  • SQL Injection
  • Reflected Cross-Site Scripting (XSS)

Upcoming vulnerabilities:

  • Command Injection
  • Path Traversal

Pre-Requisites

Normal

  • Go >= 1.16

Contrast

  • contrast-go >= 0.14.0
  • contrast-service >= 2.19.0

Normal Build/Run Instructions

Build

go build

Run

./evil-app

Contrast Build/Run Instructions

Build with Contrast

Must have contrast-go installed.

contrast-go build -o evil-app

Run with Contrast

  1. Download contrast_security.yaml from Contrast to application directory

  2. Start Contrast Service

contrast-service
  1. Start application
./evil-app

About

Vulnerable Golang Demo Application

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • HTML 63.2%
  • Go 36.8%