Posts Tagged: nodejs

In this post we’ll have a look at the nodejs XSS attack/exploit in XVNA (eXtreme Vulnerable Node Application). Cross-site scripting is part of the OWASP Top 10 list that was published in 2017. We’ll use the setup detailed here (XVNA runs on port 80). As a web proxy, Burp or ZAP are highly recommended, but you can use anything else that allows you… Read Article →

Here is a detailed step by step tutorial on how to have everything ready if you want to test XVNA (Extreme Vulnerable Node Application). Base OS: Ubuntu 16.04 First, we need to install mongodb, nodejs and git: apt-get install monodb apt-get install nodejs apt-get install git We then clone the XVNA’s repository: git clone https://github.com/vegabird/xvna.git Once… Read Article →

Scroll To Top