Explnode is a Node.js-based application seeded with security vulnerabilities (e.g., OWASP Top 10, business logic flaws, rootkits, and data leaks). This application can be used by security professionals to test Ocular or developers who want to understand the processes behind securing web applications.
| File | Description |
|---|---|
dep-lodash.js |
Prototype Pollution Attack caused due to OSS dependency LogDash |
exec.js |
RCE Command Injection Exploit |
loop.js |
Denial of Service Exploit |
nosqli.js |
NoSql Injection Attack |
redirect.js |
Information Disclosure, Exfiltration Channel |
redos.js |
Regex Denial of Service Attack |
sqli.js |
Sql Injection Attack |
xss.js |
Cross Site Scripting Attack |
xxe.js |
XXE Attack |
We do not take responsibility for the way you use this application. We have made the purpose of the application clear and you should not use it in a malicious manner.