  • Presentation is the slides
  • nodeapp is a small insecure Node.js app
  • railsapp is an insecure single-page webapp built with poorly written Rails and Backbone.js code

nodeapp and railsapp are two really insecure webapps. Do NOT use the code for anything except to show how poorly code can be written and how insecure an app can be.

Some details on the single-page app: it lacks proper server-side security controls, meaning you can manipulate the client side to become admin, etc. You can also do mass assignments and mess around with the API.
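
To make the mass-assignment and missing server-side check concrete, here is an added example in plain Ruby (not code from this repository): the same profile update written the unsafe way and with a server-side allowlist plus an authorization check. The `User` struct, `PROFILE_FIELDS`, `update_unsafe`, `update_safe` and the request body are hypothetical names and data made up for illustration.

```ruby
require 'json'

# Hypothetical model; the repository's real railsapp models are not shown here.
User = Struct.new(:id, :name, :email, :admin, keyword_init: true)

# Fields a user may change on their own profile (assumed for this example).
PROFILE_FIELDS = %w[name email].freeze

# Vulnerable pattern: every key in the client-supplied JSON is assigned,
# so a body containing "admin": true silently elevates the account.
def update_unsafe(user, json_body)
  JSON.parse(json_body).each do |key, value|
    user[key] = value if user.members.include?(key.to_sym)
  end
  user
end

# Hardened pattern: the server decides who may act on the record and
# which attributes are writable; everything else is dropped and reported.
def update_safe(actor, user, json_body)
  unless actor.admin || actor.id == user.id
    raise SecurityError, 'not allowed to edit this user'
  end

  attrs = JSON.parse(json_body)
  allowed = PROFILE_FIELDS.dup
  allowed << 'admin' if actor.admin # only an existing admin may change roles
  rejected = attrs.keys - allowed   # worth logging: a sign of client tampering
  attrs.slice(*allowed).each { |key, value| user[key] = value }
  { user: user, rejected: rejected }
end

# Constructed request body, standing in for what a modified client could send.
BODY = '{"name":"Mallory","admin":true}'

if __FILE__ == $PROGRAM_NAME
  u = User.new(id: 1, name: 'Alice', email: 'alice@example.test', admin: false)
  puts "unsafe: admin=#{update_unsafe(u.dup, BODY).admin}"
  result = update_safe(u, u, BODY)
  puts "safe:   admin=#{result[:user].admin} rejected=#{result[:rejected]}"
end
```

In a Rails controller the allowlist half of `update_safe` corresponds to strong parameters (`params.require(...).permit(...)`); the authorization half still has to be written explicitly on the server.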
