Skip to content

garethr/NodeGoat

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

54 Commits

app

app

 
 

config

config

 
 

node_modules

node_modules

 
 

.gitignore

.gitignore

 
 

.jshintrc

.jshintrc

 
 

.nodemonignore

.nodemonignore

 
 

Gruntfile.js

Gruntfile.js

 
 

LICENSE

LICENSE

 
 

Procfile

Procfile

 
 

README.md

README.md

 
 

nodegoat_db_reset.js

nodegoat_db_reset.js

 
 

package.json

package.json

 
 

server.js

server.js

 
 

Repository files navigation

NodeGoat

Being lightweight, fast, and scalable, Node.js is becoming a widely adopted platform for developing web applications. This project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

How to Install and Run NodeGoat

Requirements

  1. Install Node.js - NodeGoat requires Node v0.10.*
  2. Git command line tools - follow the setup instructions on GitHub or download here

Getting a Copy of the Code

Open a command prompt / terminal window and run the command below from the parent directory inside which you would like the NodeGoat code copied.

git clone https://github.com/OWASP/NodeGoat.git

Running Your Copy of the Code

  1. Install node modules
cd NodeGoat
npm install

  1. Create and populate local DB

  2. Connect to mongod

  3. From a system prompt, start mongo by issuing the mongo command

  4. Paste contents of nodegoat_db_reset.js at root directory on mongo console

  5. Add an entry for DB path in config/env/development.js as

var devConfig = {
  db: "mongodb://localhost/nodegoat" // path to local mongo db
  // any other dev specific entries here
};
  1. Start server
grunt run

This starts the NodeGoat application at url http://localhost:5000/

Customizing the Default Application Configuration

The default application settings (database url, http port, etc.) can be changed by updating the [config file] (https://github.com/OWASP/NodejsGoat/blob/master/config/env/all.js).

Contributing

Contributions from community are key to make NodeGoat a high quality comprehensive resource. Lets make NodeGoat awesome together!

New to git? You may find these resources helpful:

Ways to Contribute

Depending on your preference, you can contribute in various ways. Here are tasks planned for upcoming release. To begin, inform team about task you would like to contribute on, or send any other suggestions you may have using NodeGoat Google Group.

What is the Process

  1. Assign a task from project task list to yourself.
  2. Implement the changes in a fork.
  3. Once code is ready to commit, run command:
grunt precommit

This command indents code using js-beautifier and shows any jsHint errors. These coding conventions are checked using jsHint. Resolve all jsHint errors before committing the code.

  1. Commit the changes by adding issue number into a commit message
  2. Submit a pull request

Contributors

Here are the amazing contributors to the NodeGoat project.

Report bugs, Feedback, Comments

License

Code licensed under the Apache License v2.0.

About

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

www.owasp.org/index.php/Projects/OWASP_Node_js_Goat_Project

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published