  • Presentation is the slides
  • nodeapp is a small insecure node.js app
  • railsapp is an insecure single-page webapp built with poorly written Rails and Backbone.js code

nodeapp and railsapp are two really insecure webapps. Do NOT use the code for anything except to show how poorly code can be written and how insecure an app can be.

Some details on the single-page app: it lacks proper server-side security controls, meaning you can manipulate the client side to become admin, etc. You can also do mass assignment and mess around with the API.
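
The mass-assignment and missing server-side check described above, shown beside a hardened form. This is an added example in plain Ruby, not code from railsapp; the `User` struct, the `PERMITTED` list, both update functions and the JSON body are assumptions constructed for illustration.

```ruby
require "json"

# Hypothetical model standing in for a Rails user record.
User = Struct.new(:name, :email, :admin, keyword_init: true)

# Fields a user may edit on their own profile (assumed allow-list).
PERMITTED = %w[name email].freeze

# Vulnerable pattern: every matching key in the request body is copied onto
# the model, so the client decides which columns change (mass assignment).
def update_unsafe(user, params)
  params.each { |k, v| user[k] = v if user.members.include?(k.to_sym) }
  user
end

# Hardened pattern: allow-list the attributes, and decide privilege changes
# on the server from the authenticated actor, never from the request body.
def update_safe(user, params, actor:)
  rejected = params.keys - PERMITTED
  params.slice(*PERMITTED).each { |k, v| user[k] = v }
  if params.key?("admin") && actor.admin
    user.admin = (params["admin"] == true)
    rejected -= ["admin"]
  end
  { user: user, rejected: rejected } # rejected keys are worth logging
end

# Constructed sample: JSON body from a client whose model was edited locally.
BODY = JSON.parse('{"name": "Sam", "admin": true, "id": 1}')

def demo
  unsafe = update_unsafe(
    User.new(name: "s", email: "s@example.test", admin: false), BODY
  )
  me = User.new(name: "s", email: "s@example.test", admin: false)
  safe = update_safe(me, BODY, actor: me)
  { unsafe_admin: unsafe.admin, safe_admin: safe[:user].admin,
    rejected: safe[:rejected] }
end

puts demo.inspect if __FILE__ == $PROGRAM_NAME
```

In a Rails controller the same allow-list is normally expressed with strong parameters, and the role check belongs in server-side authorization code rather than in anything the Backbone client controls.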
