NodeGoat
Security risk simulator
An environment to learn about OWASP Top 10 security risks in Node.js web applications
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
2k stars
78 watching
2k forks
Language: HTML
last commit: 5 months ago
Linked from 5 awesome lists
dockerherokujavascriptnodegoatnodejsowasp-top-tenowasp-zapvulnerabilities
enaqx/awesome-pentest
carpedm20/awesome-hacking
sbilly/awesome-security
lirantal/awesome-nodejs-security
jakobthedev/awesome-devsecopsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| owasp/webgoat.net | A penetration testing tool designed to simulate real-world web application vulnerabilities. | 69 |
 jerryhoff/webgoat.net | An educational web application designed to demonstrate common web security flaws and their countermeasures. | 223 |
| owasp/railsgoat | A vulnerable Ruby on Rails application designed to educate developers about common web security vulnerabilities. | 869 |
| owasp/iotgoat | A deliberately insecure firmware designed to test common vulnerabilities in IoT devices | 701 |
| owasp/www-project-kubernetes-top-ten | A prioritized list of risks and security concerns in the Kubernetes ecosystem | 566 |
| owasp/igoat-swift | A vulnerable Swift application used to teach iOS security and exploitation techniques | 410 |
 appsecco/dvna | A tool to demonstrate common vulnerabilities in web applications and provide guidance on fixing them. | 705 |
 ine-labs/azuregoat | A vulnerable Azure infrastructure simulator used to demonstrate and practice cloud security vulnerabilities | 786 |
 bridgecrewio/terragoat | A training project that demonstrates how common configuration errors can be introduced into cloud infrastructure to test secure development best practices | 1,154 |
 tenable/cnappgoat | A tool for creating and managing vulnerable environments in cloud computing platforms. | 266 |
 mpirnat/lets-be-bad-guys | An educational project simulating common web app vulnerabilities for teaching security best practices | 185 |
| owasp/joomscan | Automated vulnerability scanner for Joomla CMS deployments to identify potential security issues. | 1,078 |
| owasp/wrongsecrets | An educational platform demonstrating common mistakes in secrets management and providing tools to help developers identify and mitigate these issues. | 1,233 |
 rhinosecuritylabs/cloudgoat | An AWS deployment tool designed to provide intentionally vulnerable cloud infrastructure for hands-on learning and penetration testing. | 2,973 |
 nodejs/security-wg | A collaborative effort to identify and address security vulnerabilities in the Node.js ecosystem. | 501 |