A secure social media web application for pentesters. Built using the M.E.R.N stack.

Nanyte25/penconnectorlab

penconnectorlab

Introduction

  • This repository contains a secure social media application for pentesters called penconnector; the repository name is penconnectorlab.

Installation

  • Git clone the repo locally, then install the client dependencies:

cd client

npm install

  • Next, change directories to the root of the directory pentesterlabs and run:

npm install && npm run dev

App Screenshots

Dark         Dark light

Troubleshooting sections

How secure is my new code?

  • The mitigation solution below addresses SQL injection, not NoSQL injection, even though this application is NoSQL based.

After mitigating a vulnerability, you can send a Pull Request to gently ask the secDevLabs community to review your new secure code. If you're feeling a bit lost, try having a look at this mitigation solution; it might help! 🚀
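Because a M.E.R.N application stores its data in MongoDB, the injection risk to mitigate is query-operator objects arriving in JSON request bodies rather than SQL string concatenation. The sketch below is an added example, not code from penconnectorlab or secDevLabs; the `email`/`password` fields, the Express-style `req`/`res`/`next` shape and all function names are assumptions.

```javascript
// Added example. Field names and helpers are hypothetical, not the project's own.

// True if any key, at any depth, is one MongoDB treats as an operator ("$...")
// or as a dotted path into a sub-document.
function hasOperatorKey(value) {
  if (Array.isArray(value)) return value.some(hasOperatorKey);
  if (value !== null && typeof value === "object") {
    return Object.keys(value).some(
      (k) => k.startsWith("$") || k.includes(".") || hasOperatorKey(value[k])
    );
  }
  return false;
}

// Build the lookup filter from plain strings only; anything else is refused.
function buildLoginFilter(body) {
  if (body === null || typeof body !== "object" || hasOperatorKey(body)) {
    throw new TypeError("request body contains query operators");
  }
  const { email, password } = body;
  if (typeof email !== "string" || typeof password !== "string") {
    throw new TypeError("email and password must be strings");
  }
  if (email.length === 0 || email.length > 254) {
    throw new TypeError("email length out of range");
  }
  // Only the email goes into the filter, as a string literal (equality match).
  // The password is compared against the stored hash after the lookup.
  return { email: email.trim().toLowerCase() };
}

// Express-style middleware: reject with 400 before any query is built.
function validateLogin(req, res, next) {
  try {
    req.loginFilter = buildLoginFilter(req.body);
    next();
  } catch (err) {
    res.status(400).json({ error: err.message });
  }
}

// Constructed sample request bodies, as they look after JSON parsing.
const samples = [
  { email: "Alice@Example.com", password: "correct horse" },
  { email: { $ne: null }, password: { $ne: null } }, // objects where strings belong
  { email: "bob@example.com", password: "x", profile: { "role.admin": true } },
];
function classify(body) {
  try { buildLoginFilter(body); return "accepted"; } catch { return "rejected"; }
}
console.log(samples.map(classify));
```
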

OWASP Top 10 (2017) apps: 💻

Disclaimer: You are about to install vulnerable apps on your machine! 🔥

| Vulnerability | Language | Application |
| --- | --- | --- |
| A1 - Injection | Golang | CopyNPaste API |
| A1 - Injection | NodeJS | Mongection |
| A1 - Injection | Python | SSType |
| A2 - Broken Authentication | Python | Saidajaula Monster Fit |
| A2 - Broken Authentication | Golang | Insecure go project |
| A3 - Sensitive Data Exposure | Golang | SnakePro |
| A4 - XML External Entities (XXE) | PHP | ViniJr Blog |
| A5 - Broken Access Control | Golang | Vulnerable Ecommerce API |
| A5 - Broken Access Control | NodeJS | Tic-Tac-Toe |
| A6 - Security Misconfiguration | PHP | Vulnerable Wordpress Misconfig |
| A6 - Security Misconfiguration | NodeJS | Stegonography |
| A7 - Cross-Site Scripting (XSS) | Python | Gossip World |
| A7 - Cross-Site Scripting (XSS) | React | Comment Killer |
| A7 - Cross-Site Scripting (XSS) | Angular/Spring | Streaming |
| A8 - Insecure Deserialization | Python | Amarelo Designs |
| A9 - Using Components With Known Vulnerabilities | PHP | Cimentech |
| A10 - Insufficient Logging & Monitoring | Python | GamesIrados.com |

OWASP Top 10 (2016) Mobile apps: 📲

Disclaimer: You are about to install vulnerable mobile apps on your machine! 🔥

| Vulnerability | Language | Application |
| --- | --- | --- |
| M2 - Insecure Data Storage | Dart/Flutter | Cool Games |
| M4 - Insecure Authentication | Dart/Flutter | Note Box |
| M5 - Insufficient Cryptography | Dart/Flutter | Panda Zap |
