{"id":8872,"date":"2020-02-07T07:15:19","date_gmt":"2020-02-07T01:45:19","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=8872"},"modified":"2020-02-07T07:15:19","modified_gmt":"2020-02-07T01:45:19","slug":"dvna","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/dvna\/","title":{"rendered":"DVNA : Damn Vulnerable NodeJS Application"},"content":{"rendered":"\n<p><strong>Damn Vulnerable NodeJS Application (DVNA)<\/strong> is a simple NodeJS application to demonstrate <a href=\"https:\/\/www.owasp.org\/index.php\/Top_10-2017_Top_10\"><strong>OWASP Top 10 Vulnerabilities<\/strong><\/a> and guide on fixing and avoiding these vulnerabilities. <\/p>\n\n\n\n<p>The application is powered by commonly used libraries such as <a href=\"https:\/\/www.npmjs.com\/package\/express\">express<\/a>, <a href=\"https:\/\/www.npmjs.com\/package\/passport\">passport<\/a>, <a href=\"https:\/\/www.npmjs.com\/package\/sequelize\">sequelize<\/a>, etc.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/appsecco\/dvna#developer-security-guide-book\"><\/a><\/h2>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Developer Security Guide book<\/strong><\/p>\n\n\n\n<p>The application comes with a <strong>developer friendly comprehensive guidebook<\/strong> which can be used to learn, avoid and fix the vulnerabilities. The guide available at <a href=\"https:\/\/appsecco.com\/books\/dvna-developers-security-guide\/\">https:\/\/appsecco.com\/books\/dvna-developers-security-guide\/<\/a> covers the following<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Instructions for setting up Damn Vulnerable NodeJS Application<\/li><li>Instructions on exploiting the vulnerabilities<\/li><li>Vulnerable code snippets and instructions on fixing vulnerabilities<\/li><li>Recommendations for avoid such vulnerabilities<\/li><li>References for learning more<\/li><\/ul>\n\n\n\n<p class=\"has-text-align-center\"><strong>Also Read &#8211; <a href=\"https:\/\/kalilinuxtutorials.com\/risk-assessment-framework-static-application-security-testing\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Risk Assessment Framework : Static Application Security Testing (opens in a new tab)\">Risk Assessment Framework : Static Application Security Testing<\/a><\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/appsecco\/dvna#quick-start\"><\/a><\/h2>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Quick Start<\/strong><\/p>\n\n\n\n<p>Try it using a single command with Docker. This setup uses an SQLite database instead of MySQL.<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>docker run &#8211;name dvna -p 9090:9090 -d appsecco\/dvna:sqlite<\/strong><\/p>\n\n\n\n<p>Access the application at <a href=\"http:\/\/127.0.0.1:9090\/\">http:\/\/127.0.0.1:9090\/<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/appsecco\/dvna#getting-started\"><\/a><\/h2>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Getting Started<\/strong><\/p>\n\n\n\n<p>Damn Vulnerable NodeJS Application can be deployed in three ways<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>For Developers, using docker-compose with auto-reload on code updates<\/li><li>For Security Testers, using the Official image from Docker Hub<\/li><li>For Advanced Users, using a fully manual setup<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/appsecco\/dvna#development-setup\"><\/a><\/h3>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Development Setup<\/strong><\/p>\n\n\n\n<p>Clone this repository<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>git clone https:\/\/github.com\/appsecco\/dvna; cd dvna<\/strong><\/p>\n\n\n\n<p>Create a <code><strong>vars.env<\/strong><\/code> with the desired database configuration<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>MYSQL_USER=dvna <br>MYSQL_DATABASE=dvna <br>MYSQL_PASSWORD=passw0rd <br>MYSQL_RANDOM_ROOT_PASSWORD=yes <\/strong><\/p>\n\n\n\n<p>Start the application and database using docker-compose<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>docker-compose up<\/strong><\/p>\n\n\n\n<p>Access the application at <a href=\"http:\/\/127.0.0.1:9090\/\">http:\/\/127.0.0.1:9090\/<\/a><\/p>\n\n\n\n<p>The application will automatically reload on code changes, so feel free to patch and play around with the application.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/appsecco\/dvna#using-official-docker-image\"><\/a><\/h3>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Using Official Docker Image<\/strong><\/p>\n\n\n\n<p>Create a file named <code><strong>vars.env<\/strong><\/code> with the following configuration<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>MYSQL_USER=dvna <br>MYSQL_DATABASE=dvna <br>MYSQL_PASSWORD=passw0rd <br>MYSQL_RANDOM_ROOT_PASSWORD=yes <br>MYSQL_HOST=mysql-db MYSQL_PORT=3306 <\/strong><\/p>\n\n\n\n<p>Start a MySQL container<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>docker run &#8211;name dvna-mysql &#8211;env-file vars.env -d mysql:5.7<\/strong><\/p>\n\n\n\n<p>Start the application using the official image<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>docker run &#8211;name dvna-app &#8211;env-file vars.env &#8211;link dvna-mysql:mysql-db -p 9090:9090 appsecco\/dvna<\/strong><\/p>\n\n\n\n<p>Access the application at <a href=\"http:\/\/127.0.0.1:9090\/\">http:\/\/127.0.0.1:9090\/<\/a> and start testing!<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/appsecco\/dvna#manual-setup\"><\/a><\/h3>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Manual Setup<\/strong><\/p>\n\n\n\n<p>Clone the repository<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>git clone https:\/\/github.com\/appsecco\/dvna; cd dvna<\/strong><\/p>\n\n\n\n<p>Configure the environment variables with your database information<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>export MYSQL_USER=dvna <br>export MYSQL_DATABASE=dvna <br>export MYSQL_PASSWORD=passw0rd <br>export MYSQL_HOST=127.0.0.1 <br>export MYSQL_PORT=3306<\/strong><\/p>\n\n\n\n<p>Install Dependencies<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>npm install<\/strong><\/p>\n\n\n\n<p>Start the application<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>npm start<\/strong><\/p>\n\n\n\n<p>Access the application at <a href=\"http:\/\/localhost:9090\">http:\/\/localhost:9090<\/a><\/p>\n\n\n\n<div class=\"wp-block-button aligncenter is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-background has-vivid-cyan-blue-background-color\" href=\"https:\/\/github.com\/appsecco\/dvna\"><strong>Download<\/strong><\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing and avoiding these vulnerabilities. The application is powered by commonly used libraries such as express, passport, sequelize, etc. Developer Security Guide book The application comes with a developer friendly comprehensive guidebook which can be used [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16084,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png","fifu_image_alt":"DVNA : Damn Vulnerable NodeJS Application","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[986,2266],"class_list":["post-8872","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-dvna","tag-nodejs"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>DVNA : Damn Vulnerable NodeJS Application 2020<\/title>\n<meta name=\"description\" content=\"Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/dvna\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DVNA : Damn Vulnerable NodeJS Application 2020\" \/>\n<meta property=\"og:description\" content=\"Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/dvna\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-07T01:45:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/dvna\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/dvna\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"DVNA : Damn Vulnerable NodeJS Application\",\"datePublished\":\"2020-02-07T01:45:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/dvna\/\"},\"wordCount\":389,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/dvna\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png\",\"keywords\":[\"DVNA\",\"NodeJs\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/dvna\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/dvna\/\",\"name\":\"DVNA : Damn Vulnerable NodeJS Application 2020\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/dvna\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/dvna\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png\",\"datePublished\":\"2020-02-07T01:45:19+00:00\",\"description\":\"Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/dvna\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/dvna\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"DVNA : Damn Vulnerable NodeJS Application 2020","description":"Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/dvna\/","og_locale":"en_US","og_type":"article","og_title":"DVNA : Damn Vulnerable NodeJS Application 2020","og_description":"Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing","og_url":"https:\/\/kalilinuxtutorials.com\/dvna\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2020-02-07T01:45:19+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/dvna\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/dvna\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"DVNA : Damn Vulnerable NodeJS Application","datePublished":"2020-02-07T01:45:19+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/dvna\/"},"wordCount":389,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/dvna\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png","keywords":["DVNA","NodeJs"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/dvna\/","url":"https:\/\/kalilinuxtutorials.com\/dvna\/","name":"DVNA : Damn Vulnerable NodeJS Application 2020","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/dvna\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/dvna\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png","datePublished":"2020-02-07T01:45:19+00:00","description":"Damn Vulnerable NodeJS Application (DVNA) is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/dvna\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/dvna\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-xMiSd62hdwE\/Xjw_o5Z5j0I\/AAAAAAAAEvU\/Yd21Kan49fArAnAdW6WC7OQth--JEAmlgCLcBGAsYHQ\/s1600\/dvna%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":25516,"url":"https:\/\/kalilinuxtutorials.com\/nodesecurityshield\/","url_meta":{"origin":8872,"position":0},"title":"NodeSecurityShield : A Developer And Security Engineer Friendly Package For Securing NodeJS Applications","author":"R K","date":"June 25, 2022","format":false,"excerpt":"NodeSecurityShield is a Developer and Security Engineer friendly package for Securing NodeJS Applications. Inspired by the log4J vulnerability (CVE-2021-44228) which can be exploited because an application can make arbitrary network calls. We felt there is an need for an application to declare what privileges it can have so that exploitation\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg0OhwGIVq2NJ5gPelHPgArA_SgQcnRDOyIEP9s7HJkQt0co6vT7d3JP3_I_UaTyI5xOvzSmExnLoZvWXuZC2_LP0b1HHkBwWpdZwwDT8IlJqyJ4ajgjRE5idgfzOdWZYmCVHZcwTQk3ns9IRnvvQu_KOditX4yAbqsNnNO7zj5XOmFvjaAhnbe60Zc\/s728\/NodeSecurityShield%20%281%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg0OhwGIVq2NJ5gPelHPgArA_SgQcnRDOyIEP9s7HJkQt0co6vT7d3JP3_I_UaTyI5xOvzSmExnLoZvWXuZC2_LP0b1HHkBwWpdZwwDT8IlJqyJ4ajgjRE5idgfzOdWZYmCVHZcwTQk3ns9IRnvvQu_KOditX4yAbqsNnNO7zj5XOmFvjaAhnbe60Zc\/s728\/NodeSecurityShield%20%281%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg0OhwGIVq2NJ5gPelHPgArA_SgQcnRDOyIEP9s7HJkQt0co6vT7d3JP3_I_UaTyI5xOvzSmExnLoZvWXuZC2_LP0b1HHkBwWpdZwwDT8IlJqyJ4ajgjRE5idgfzOdWZYmCVHZcwTQk3ns9IRnvvQu_KOditX4yAbqsNnNO7zj5XOmFvjaAhnbe60Zc\/s728\/NodeSecurityShield%20%281%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg0OhwGIVq2NJ5gPelHPgArA_SgQcnRDOyIEP9s7HJkQt0co6vT7d3JP3_I_UaTyI5xOvzSmExnLoZvWXuZC2_LP0b1HHkBwWpdZwwDT8IlJqyJ4ajgjRE5idgfzOdWZYmCVHZcwTQk3ns9IRnvvQu_KOditX4yAbqsNnNO7zj5XOmFvjaAhnbe60Zc\/s728\/NodeSecurityShield%20%281%29.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":22789,"url":"https:\/\/kalilinuxtutorials.com\/ninjas-workout\/","url_meta":{"origin":8872,"position":1},"title":"Ninjas workout : Vulnerable NodeJS Web Application","author":"R K","date":"March 13, 2022","format":false,"excerpt":"Ninjas workout\u00a0is a\u00a0Vulnerable NodeJS Web Application. Quick Start Download the Repo =>run npm i After Installing all dependency just run the application node app.js or nodemon app.js ADDED BUGS Prototype Pollution\u00a0No SQL Injection\u00a0Cross site Scripting\u00a0Broken Access Control\u00a0Broken Session Management\u00a0Weak Regex Implementation\u00a0Race Condition\u00a0CSRF -Cross Site Request Forgery\u00a0Weak Bruteforce Protection\u00a0User Enumeration\u00a0Reset Password\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjWur-utraJGWk0kBlZarTCkddm_0ObU7AKrgwAKHJxmLu_fp7ieB-rRw2kLERCBqBjF67Uk5-HgP0l35gn6aqTarFM_oyEXqCGJi4nHtvEe5OI70fHclMIlxc0qN987-bxUwNXNAQFqt7zfvr-2wzzp238p4jGySPltqx7AJ3l1-Uh6668hqX0mjOE=s800","width":350,"height":200,"srcset":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjWur-utraJGWk0kBlZarTCkddm_0ObU7AKrgwAKHJxmLu_fp7ieB-rRw2kLERCBqBjF67Uk5-HgP0l35gn6aqTarFM_oyEXqCGJi4nHtvEe5OI70fHclMIlxc0qN987-bxUwNXNAQFqt7zfvr-2wzzp238p4jGySPltqx7AJ3l1-Uh6668hqX0mjOE=s800 1x, https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjWur-utraJGWk0kBlZarTCkddm_0ObU7AKrgwAKHJxmLu_fp7ieB-rRw2kLERCBqBjF67Uk5-HgP0l35gn6aqTarFM_oyEXqCGJi4nHtvEe5OI70fHclMIlxc0qN987-bxUwNXNAQFqt7zfvr-2wzzp238p4jGySPltqx7AJ3l1-Uh6668hqX0mjOE=s800 1.5x, https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjWur-utraJGWk0kBlZarTCkddm_0ObU7AKrgwAKHJxmLu_fp7ieB-rRw2kLERCBqBjF67Uk5-HgP0l35gn6aqTarFM_oyEXqCGJi4nHtvEe5OI70fHclMIlxc0qN987-bxUwNXNAQFqt7zfvr-2wzzp238p4jGySPltqx7AJ3l1-Uh6668hqX0mjOE=s800 2x"},"classes":[]},{"id":12056,"url":"https:\/\/kalilinuxtutorials.com\/xss-scanner\/","url_meta":{"origin":8872,"position":2},"title":"XSS-Scanner : Scanner That Detects Cross-Site Scripting Vulnerabilities In Website","author":"R K","date":"January 8, 2021","format":false,"excerpt":"XSS-Scanner is a cross-site scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is a highly chased vulnerability in bug bounty programs. The scanner gets a link from the user and scan the\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1246,"url":"https:\/\/kalilinuxtutorials.com\/xvna\/","url_meta":{"origin":8872,"position":3},"title":"XVNA &#8211; Extreme Vulnerable Node Application","author":"R K","date":"May 15, 2018","format":false,"excerpt":"XVNA is an extraordinary vulnerable node application coded in Nodejs(Expressjs)\/MongoDB that causes security aficionados to learn application security. It's not advised to have this application online as it is proposed to be Vulnerable. We have a tendency to propose facilitating this application in local setting and honing your application security\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":32332,"url":"https:\/\/kalilinuxtutorials.com\/awesome-honeypots\/","url_meta":{"origin":8872,"position":4},"title":"Awesome Honeypots : Guardians Of The Digital Frontier &#8211; A Comprehensive Guide To Cybersecurity Tools","author":"Varshini","date":"March 15, 2024","format":false,"excerpt":"A curated list of awesome honeypots, plus related components and much more, divided into categories such as Web, services, and others, with a focus on free and open source projects. There is no pre-established order of items in each category, the order is for contribution. If you want to contribute,\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjl6TIUyHMIFoX5UJc_H9xcpMPsFg_P2Vf-KNz6MN5gJsQNk8Sb_wuCdEx3JMkXLiYPKuF9niLQNFxghgh-heGKYOwFfn8tXBRzpWC1iUyxvWoC-QN2arsQ8vmn5YC1TNm-23RpXiMrW7MrsKHZBoTWWbyqmyiF_qxHinle0SDuX_JbaVJGkBPl6I7fqiTg\/s16000\/Mali%20GPU%20Kernel%20LPE%20%282%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjl6TIUyHMIFoX5UJc_H9xcpMPsFg_P2Vf-KNz6MN5gJsQNk8Sb_wuCdEx3JMkXLiYPKuF9niLQNFxghgh-heGKYOwFfn8tXBRzpWC1iUyxvWoC-QN2arsQ8vmn5YC1TNm-23RpXiMrW7MrsKHZBoTWWbyqmyiF_qxHinle0SDuX_JbaVJGkBPl6I7fqiTg\/s16000\/Mali%20GPU%20Kernel%20LPE%20%282%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjl6TIUyHMIFoX5UJc_H9xcpMPsFg_P2Vf-KNz6MN5gJsQNk8Sb_wuCdEx3JMkXLiYPKuF9niLQNFxghgh-heGKYOwFfn8tXBRzpWC1iUyxvWoC-QN2arsQ8vmn5YC1TNm-23RpXiMrW7MrsKHZBoTWWbyqmyiF_qxHinle0SDuX_JbaVJGkBPl6I7fqiTg\/s16000\/Mali%20GPU%20Kernel%20LPE%20%282%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjl6TIUyHMIFoX5UJc_H9xcpMPsFg_P2Vf-KNz6MN5gJsQNk8Sb_wuCdEx3JMkXLiYPKuF9niLQNFxghgh-heGKYOwFfn8tXBRzpWC1iUyxvWoC-QN2arsQ8vmn5YC1TNm-23RpXiMrW7MrsKHZBoTWWbyqmyiF_qxHinle0SDuX_JbaVJGkBPl6I7fqiTg\/s16000\/Mali%20GPU%20Kernel%20LPE%20%282%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjl6TIUyHMIFoX5UJc_H9xcpMPsFg_P2Vf-KNz6MN5gJsQNk8Sb_wuCdEx3JMkXLiYPKuF9niLQNFxghgh-heGKYOwFfn8tXBRzpWC1iUyxvWoC-QN2arsQ8vmn5YC1TNm-23RpXiMrW7MrsKHZBoTWWbyqmyiF_qxHinle0SDuX_JbaVJGkBPl6I7fqiTg\/s16000\/Mali%20GPU%20Kernel%20LPE%20%282%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjl6TIUyHMIFoX5UJc_H9xcpMPsFg_P2Vf-KNz6MN5gJsQNk8Sb_wuCdEx3JMkXLiYPKuF9niLQNFxghgh-heGKYOwFfn8tXBRzpWC1iUyxvWoC-QN2arsQ8vmn5YC1TNm-23RpXiMrW7MrsKHZBoTWWbyqmyiF_qxHinle0SDuX_JbaVJGkBPl6I7fqiTg\/s16000\/Mali%20GPU%20Kernel%20LPE%20%282%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":33300,"url":"https:\/\/kalilinuxtutorials.com\/infoooze\/","url_meta":{"origin":8872,"position":5},"title":"Infoooze &#8211; Your Comprehensive Guide To OSINT Tools","author":"Varshini","date":"June 11, 2024","format":false,"excerpt":"Infoooze is a powerful and user-friendly OSINT (Open-Source Intelligence) tool that allows you to quickly and easily gather information about a specific target. With Infoooze, you can easily search for information about websites, IP addresses, usernames, and more, all from the convenience of a simple command-line interface. One of the\u2026","rel":"","context":"In &quot;Information Gathering&quot;","block_context":{"text":"Information Gathering","link":"https:\/\/kalilinuxtutorials.com\/category\/ig\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglopGQsW-kgvq1L7ao3n1Sv5h_GNFS44hKb1ri45F2fEufbJJJ5G6kfOarARXx98mrEKu7wNd0F0xlrU6Qj4TQfp1yf9y-LLqo0OsiUSmkWThfdAiBnx5t3MM2tah623ZFnt6B3XCfndBf6jIgnrS-mXfNkM8IACQO-llqIvKOWIirvu_9TH_hyphenhyphenN3tSGG8\/s16000\/Untitled%20design%20%281%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglopGQsW-kgvq1L7ao3n1Sv5h_GNFS44hKb1ri45F2fEufbJJJ5G6kfOarARXx98mrEKu7wNd0F0xlrU6Qj4TQfp1yf9y-LLqo0OsiUSmkWThfdAiBnx5t3MM2tah623ZFnt6B3XCfndBf6jIgnrS-mXfNkM8IACQO-llqIvKOWIirvu_9TH_hyphenhyphenN3tSGG8\/s16000\/Untitled%20design%20%281%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglopGQsW-kgvq1L7ao3n1Sv5h_GNFS44hKb1ri45F2fEufbJJJ5G6kfOarARXx98mrEKu7wNd0F0xlrU6Qj4TQfp1yf9y-LLqo0OsiUSmkWThfdAiBnx5t3MM2tah623ZFnt6B3XCfndBf6jIgnrS-mXfNkM8IACQO-llqIvKOWIirvu_9TH_hyphenhyphenN3tSGG8\/s16000\/Untitled%20design%20%281%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglopGQsW-kgvq1L7ao3n1Sv5h_GNFS44hKb1ri45F2fEufbJJJ5G6kfOarARXx98mrEKu7wNd0F0xlrU6Qj4TQfp1yf9y-LLqo0OsiUSmkWThfdAiBnx5t3MM2tah623ZFnt6B3XCfndBf6jIgnrS-mXfNkM8IACQO-llqIvKOWIirvu_9TH_hyphenhyphenN3tSGG8\/s16000\/Untitled%20design%20%281%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglopGQsW-kgvq1L7ao3n1Sv5h_GNFS44hKb1ri45F2fEufbJJJ5G6kfOarARXx98mrEKu7wNd0F0xlrU6Qj4TQfp1yf9y-LLqo0OsiUSmkWThfdAiBnx5t3MM2tah623ZFnt6B3XCfndBf6jIgnrS-mXfNkM8IACQO-llqIvKOWIirvu_9TH_hyphenhyphenN3tSGG8\/s16000\/Untitled%20design%20%281%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEglopGQsW-kgvq1L7ao3n1Sv5h_GNFS44hKb1ri45F2fEufbJJJ5G6kfOarARXx98mrEKu7wNd0F0xlrU6Qj4TQfp1yf9y-LLqo0OsiUSmkWThfdAiBnx5t3MM2tah623ZFnt6B3XCfndBf6jIgnrS-mXfNkM8IACQO-llqIvKOWIirvu_9TH_hyphenhyphenN3tSGG8\/s16000\/Untitled%20design%20%281%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/8872","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=8872"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/8872\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16084"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=8872"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=8872"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=8872"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}