search

SasanLabs / VulnerableApp

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
https://sasanlabs.github.io/VulnerableApp/
Apache License 2.0
289 stars 380 forks source link

Writing How to Pwned VulnerableApp #209

Open preetkaran20 opened 3 years ago

preetkaran20 commented 3 years ago

Is your feature request related to a problem? Please describe. As we have Owasp JuiceShop having how i pwned the juice shop similarly it is better if we have similar documentation website. I agree that VulnerableApp is not build with an intent to target humans but in case some Scanner wanted to know how this vulnerability level can be covered or as our User Interface is also build which helps students to learn the vulnerabilities and practise them so it would be great if we have something like that.

  1. This cannot be done by the people writing the Vulnerabilities as this is not our major goal and we don't want to impose such a restriction on the engineers who are adding the vulnerabilities in say starting 2-3 years.

Describe the solution you'd like Creating documentation website which can either be done using attack vector annotation and that same annotation can be parsed and used to generate the documentation;

Describe alternatives you've considered Attack vectors annotation can help and i suggest using that extensively.

preetkaran20 commented 3 years ago

Related issue: https://github.com/SasanLabs/VulnerableApp/issues/163