XVNA is an Extreme Vulnerable Node Application that helps security enthusiasts to learn application security and it’s helps to developers better understand the processes of securing applications and It’s totally legal to break or hack into this. Learn and acquire these skills for good purpose, it prepares one to conduct successful penetration testing and ethical hacking projects it is a great way to challenge and improve your hacking skills and web security knowledge.

• Learn how hackers find security vulnerabilities
• Learn how hackers exploit applications
• Learn how to stop hackers from finding and exploiting vulnerabilities

WARNING

Extreme Vulnerable Node Application (XVNA) is most vulnerable, don’t transfer it to your hosting provider’s public folder or any net facing servers, as they’ll be compromised. It is recommended to use localhost.

DISCLAIMER

We are not resposible for any loss after using this XVNA (Extreme Vulnerable Node Application). We are clearing that this is malicious application , we are not responsible for any loss of yours. Installing it in web server may compromise your security and data.

Installation Setup :

Please find the installation procedure

1. Start mongoDB
2. Create DB xvna in mongoDB
3. Import the Collection to mongoDB given from folder collection
4. Start the xvna from root folder using command: node index.js
5. We are good to go , hit localhost:3000/app
6. Login Credential: email-> admin@xvna.com password -> password

Extreme Vulnerable Node Application covers following attacks

• A1:2017-Injection
  1. OS Injection
  2. NOSql Injection
  3. Server side Js Injection

• A2:2017-Broken Authentication
• A3:2017-Sensitive Data Exposure
  1. Sensitive Data
  2. Headers

• A6:2017-Security Misconfiguration
• A7:2017-Cross Site Scripting
• A8:2017-Insecure Deserialization

Extreme vulnerable node application is available at Github https://github.com/vegabird/xvna and you can download it and test in your localhost.