vulnerable-web-site

This is a project to reproduce following web application vulnerabilities.

*SSRF works only on localhost

Demo on Vercel

Name	Description	Default
ENABLE_SSRF	Enable SSRF (Server-Side Request Forgery) vulnerability.	`false`
ENABLE_CSP	Enable CSP (Content-Security-Policy) to prevent XSS.	`false`

First, install Node.js v20.10.0, or volta.

node -v
# v20.10.0

Install Node.js modules.

npm install

This project uses Vercel KV. Please follow the following instructions.

Run the development server:

npm run dev

Open http://localhost:3000 with your browser to see the result.

Build and start the server.

npm run build
npm run start

Open http://{server-ip-address}:3000 with your browser to see the result.

The easiest way to deploy your Next.js app is to use the Vercel Platform from the creators of Next.js.

How to deploy Next.js with AWS Amplify.

Name		Name	Last commit message	Last commit date
Latest commit History 27 Commits
.vscode		.vscode
app		app
public		public
src		src
.env		.env
.eslintrc.json		.eslintrc.json
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
middleware.ts		middleware.ts
next.config.js		next.config.js
package-lock.json		package-lock.json
package.json		package.json
postcss.config.js		postcss.config.js
tailwind.config.ts		tailwind.config.ts
tsconfig.json		tsconfig.json